Unique digital signature
Abstract
A method and apparatus for a unique digital signature is provided. According to one aspect of the invention, a unique digital signature comprises an adapted digital signature and a service id. The adapted digital signature provides temporary or restricted privileges for a particular electronic service. In one embodiment, the electronic service is electronic message forwarding. In another embodiment, the electronic service is electronic media delivery. An authentication log file is maintained for recording status information concerning unique digital signatures.
30 Claims
1. A unique digital signature comprising:
a service identifier corresponding to a mailbox of an electronic messaging system;
an adapted digital signature created using a one-way hash function having an index number and a system key as inputs, said system key not being shared with a remote electronic messaging system;
wherein said service identifier and said adapted digital signature are concatenated to form said unique digital signature; and
wherein said unique digital signature is configured to be successfully authenticated no more than a fixed number of times, said fixed number of times corresponding to said index number.
Dependent claims: 2, 3, 4
a domain name following said adapted digital signature; and
a system key number disposed between said service identifier and said domain name, said system key number identifying said system key used to create said adapted digital signature.
3. The unique digital signature of claim 1, further comprising:
a domain name following said adapted digital signature; and
wherein said system key corresponds to said service identifier.
4. The unique digital signature of claim 1, wherein said index number further corresponds to a number of storage locations in one or more vectors in an authentication log file, said one or more vectors linked to said system key.
5. An electronic commerce system comprising:
a router configured to receive information from an external network, said information comprising a unique digital signature;
an authenticated message server coupled to said router and configured to extract an adapted digital signature and a service identifier from said unique digital signature, further configured to re-compute said adapted digital signature using information included in said unique digital signature and information corresponding to said service identifier; and
an authentication log file coupled to said authenticated message server, said authentication log file configured to store data identifying at least one input to said unique digital signature and status information corresponding to a plurality of unique digital signatures, said status information configured to allow said adapted digital signature to be authenticated no more than a fixed number of times;
wherein said re-computed adapted digital signature is generated with a one-way hash function using a system key and said status information, said system key not being shared outside of said electronic commerce system;
wherein said authenticated message server is further configured to mark said status information in said authentication log file as expired when said adapted digital signature has been successfully authenticated said fixed number of times; and
wherein said authenticated message server initiates a process on behalf of said unique digital signature when said re-computed adapted digital signature matches said adapted digital signature.
Dependent claims: 6, 7, 8
9. A method for generating a unique digital signature comprising:
receiving a request for said unique digital signature;
incrementing an index number corresponding to a system key, said system key not being shared with a remote electronic messaging system;
executing a one-way hash function using said index number and said system key as inputs to produce an adapted digital signature;
concatenating a service identifier and said adapted digital signature to form said unique digital signature; and
returning said unique digital signature;
wherein said adapted digital signature can be authenticated no more than a fixed number of times, said fixed number of times corresponding to said index number.
Dependent claims: 10, 11, 12, 13, 14
transforming a product of said one-way hash function from a first digital format into a second digital format; and
using said transformed product of said one-way hash function in said second digital format as said adapted digital signature.
14. The method of claim 9, further comprising:
testing said index against a maximum index number;
when said index number is greater than said maximum index number, then;
incrementing a system key number;
generating a new value for said system key;
storing said new value for said system key in an authentication log file; and
resetting said index number.
15. A method for authenticating a unique digital signature comprising:
extracting an adapted digital signature and a service identifier from said unique digital signature; and
verifying said adapted digital signature is valid by;
retrieving a system key from a plurality of system keys, said plurality of system keys not being shared with a remote system;
performing a one-way hash-function using said system key and a non-expired index number from said plurality of index numbers corresponding to said system key to form a hash value;
comparing said hash value to said adapted digital signature;
incrementing said index number; and
repeating said act of performing said one-way hash function when said adapted digital signature and said hash value do not match; and
when said adapted digital signature and said hash value match, further performing the steps of;
marking status information corresponding to said non-expired index number as expired; and
granting access to an electronic service corresponding to said service identifier.
Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23, 24
converting said hash value from a first digital format into a second digital format; and
wherein said step of comparing comprises comparing said hash value in said second digital format to said adapted digital signature.
22. The method of claim 15, further comprising:
verifying said service identifier is valid by comparing said service identifier to one or more valid service identifiers;
verifying said system key is valid; and
verifying at least one of said plurality of index numbers corresponding to said system key has not been marked as expired;
when any of said steps of verifying fail, then;
recording failure information into a failure log; and
denying access to said electronic service.
23. The method of claim 15, wherein said electronic service is a wireless short message service, said wireless short message service configured to perform the step of forwarding a message to a wireless receiver associated with said unique digital signature when said step of verifying is successful.
24. The method of claim 15, wherein said electronic service is an electronic voting system, said electronic voting system configured to record a vote corresponding to said unique digital signature when said step of verifying is successful.
25. A method for generating a unique digital signature, said method comprising:
receiving a request for said unique digital signature;
incrementing an index number corresponding to a system key;
executing a hash function using said incremented index number and said system key as inputs to produce a hash value;
truncating said hash value to produce an adapted digital signature, said adapted digital signature configured to be authenticated no more than a fixed number of times, said fixed number of times corresponding to said index number;
concatenating a service identifier with said adapted digital signature; and
returning said concatenated service identifier and said adapted digital signature as said unique digital signature.
Dependent claims: 26, 27, 28
29. A method for authenticating a unique digital signature comprising:
extracting an adapted digital signature and a service identifier from said unique digital signature;
verifying said adapted digital signature is valid by;
retrieving a system key, said system key not being shared with a remote electronic message system;
performing a hash function using said system key and a non-used index number, said non-used index number selected from a plurality of index numbers corresponding to said system key, said hash function forming a hash value;
truncating said hash value;
comparing said truncated hash value to said adapted digital signature;
incrementing said index number; and
repeating said step of performing said hash function when said adapted digital signature and said truncated hash value do not match; and
when said truncated hash value and said adapted digital signature match, then further performing the steps of;
marking status information corresponding to said index number, said status information indicating said index number has been used; and
granting access to an electronic service corresponding to said service identifier.
Dependent claims: 30
verifying said service identifier is valid by comparing said service identifier to one or more valid service identifiers;
verifying said system key is valid;
verifying at least one of said plurality of index numbers corresponding to said system key has not been marked as used; and
when any of said steps of verifying fail, then denying access to said electronic service.
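The generation method of claim 25 and the authentication loop of claim 29, as an added Python example that is not taken from the patent. It assumes HMAC-SHA256 as the keyed one-way hash, a 12-hex-character truncation, a "." separator, a single system key and a fixed number of uses of one; the class, method and service names are hypothetical.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 12  # hex characters kept after truncation (assumed; the claims give no length)


class SignatureService:
    """Issues and checks single-use signatures (hypothetical names throughout)."""

    def __init__(self):
        self.system_key = secrets.token_bytes(32)  # never shared with a remote system
        self.index = 0
        self.log = {}        # authentication log: index number -> "valid" | "expired"
        self.failures = []   # failure log, as in claim 22

    def _adapted_signature(self, index):
        # Keyed one-way hash over the index number, then truncation (claim 25).
        # HMAC-SHA256 is this example's choice of hash.
        mac = hmac.new(self.system_key, str(index).encode(), hashlib.sha256)
        return mac.hexdigest()[:TAG_LEN]

    def generate(self, service_id):
        self.index += 1
        self.log[self.index] = "valid"
        # As in the claims, the service identifier is concatenated, not hashed.
        return f"{service_id}.{self._adapted_signature(self.index)}"

    def authenticate(self, signature, valid_service_ids):
        service_id, _, presented = signature.rpartition(".")
        if service_id in valid_service_ids:
            # Recompute the hash for each non-expired index until one matches.
            for index, status in self.log.items():
                if status != "valid":
                    continue
                expected = self._adapted_signature(index)
                if hmac.compare_digest(expected.encode(), presented.encode()):
                    self.log[index] = "expired"   # fixed number of uses reached
                    return service_id             # grant access to this service
        self.failures.append(signature)
        return None                               # deny access
```

With one key for every service, the truncated hash does not bind the service identifier; tying the system key to the service identifier, as claim 3 does, restores that binding.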