Secure proxy signing device and method of use

US 6,453,416 B1
Filed: 12/19/1997
Issued: 09/17/2002
Est. Priority Date: 12/19/1997
Status: Expired due to Term

First Claim

Patent Images

1. A digital signing device for forming a digital signature of a document using at least one private key stored within the signing device, comprising:

means for using a plurality of data items supplied to the signing device to derive a document hash and to thereafter authenticate the derived document hash on a condition that first data derived at least in part from one of said data items is the same as second data derived from another of said data items, the derived second data being equal to said another of said data items; and

, means for encrypting the document hash with the at least one stored private key to form the digital signature only if the derived document hash is authenticated; and

a random generator, and the first data is also derived in part from a number stored in the device which was previously generated by the random number generator.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A digital signature of a document is formed in a digital signing device by using a private key stored in the digital signing device. A number of data items are supplied to the signing device. The signing device uses the data items to derive and authenticate a document hash. The digital signature is only formed if the derived document hash is authenticated.

222 Citations

13 Claims

1. A digital signing device for forming a digital signature of a document using at least one private key stored within the signing device, comprising:
- means for using a plurality of data items supplied to the signing device to derive a document hash and to thereafter authenticate the derived document hash on a condition that first data derived at least in part from one of said data items is the same as second data derived from another of said data items, the derived second data being equal to said another of said data items; and
  
  , means for encrypting the document hash with the at least one stored private key to form the digital signature only if the derived document hash is authenticated; and
  
  a random generator, and the first data is also derived in part from a number stored in the device which was previously generated by the random number generator.
- View Dependent Claims (2, 3, 4)
- - 2. A digital signing device as claimed in claim 1, wherein the device further has user identifying data stored therein, and the first data is also derived in part from the stored user identifying data.
  - 3. A digital signing device as claimed in claim 2, wherein the user identifying data is derived from a passphrase or from biometric information.
  - 4. A digital signing device as claimed in claim 1, wherein the document hash is derived from said data by decrypting with said private key.

5. A digital signing device for forming a digital signature of a document using at least one private key stored within the signing device, comprising:
- means for using a plurality of data items supplied to the signing device to derive a document hash and to thereafter authenticate the derived document hash on a condition that first data derived at least in part from one of said data items is the same as second data derived from another of said data items, the derived second data being equal to said another of said data items; and
  
  , means for encrypting the document hash with the at least one stored private key to form the digital signature only if the derived document hash is authenticated; and
  
  user identifying da stored therein, and the first data is also derived in part from the stored user identifying data.
- View Dependent Claims (6)
- - 6. A digital signing device as claimed in claim 5, wherein the user identifying data is derived from a passphrase or from biometric information.

7. User apparatus for cooperating with a digital signing device via a network for forming a digital signature on behalf of a user to whom is assigned a private key/public key pair, said user apparatus comprising user interaction means for a user to indicate approval of a document;
- and computation means configured for forming first and second data items to be provided to the digital signing device via the network, said first data item being derived from a hash of the approved document, said second data item being derived from a combination including said hash of the approved document and a random number previously computed by the signing device and sent to the user apparatus via the network, and said digital signing apparatus comprising means for using said first and second data items to derive and authenticate a document hash, and means for encrypting the derived document hash with at least one private key stored in the digital signing device to form the digital signature only if the derived document hash is authenticated.
- View Dependent Claims (8, 9, 10)
- - 8. User apparatus as claimed in claim 7, wherein the second data item is derived from said combination by hashing together the items of said combination.
  - 9. User apparatus as claimed in claim 7, wherein said combination further comprises user identifying data.
  - 10. User apparatus as claimed in claim 9, wherein said user identifying data is derived from a passphrase or from biometric information of the user.

11. A method of forming a digital signature of a user comprising:
- receiving in user equipment from a server via a network a document to be approved;
  
  generating a random number in a signing device and supplying the random number to the user equipment;
  
  forming in the user equipment a first data item derived from a hash of the approved document and a second data item derived from a combination including said hash of the approved document and said random number;
  
  authenticating in the signing device a hash of the approved document derived from said first data item if data derived by the signing device from the combination including the derived hash of the approved document and a previously generated random number stored in the signing device equals data derived from said second data item; and
  
  only if the derived document hash is authenticated;
  
  encrypting the derived document hash in the signing device with the private key of the user stored in the signing device to form the digital signature.
- View Dependent Claims (12, 13)
- - 12. A method as claimed in claim 11, wherein said combination further includes user identifying data.
  - 13. A method as claimed in claim 12, wherein the user identifying data is derived from a passphrase or from biometric information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Uniloc 2017 LLC (SoftBank Group Corp.)
Original Assignee
Koninklijke Philips Electronics N.V. (Koninklijke Philips N.V.)
Inventors
Epstein, Michael A.
Primary Examiner(s)
Barron, Gilberto
Assistant Examiner(s)
Meislahn, Douglas J.

Application Number

US08/994,873
Time in Patent Office

1,733 Days
Field of Search

713/170, 713/176, 713/179, 713/180, 380/30
US Class Current

713/170
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/64   Protecting data integrity, ...

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 9/3247   involving digital signatures

Secure proxy signing device and method of use

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

222 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Secure proxy signing device and method of use

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

222 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links