Distributed information system and protocol for affixing electronic signatures and authenticating documents

US 6,938,157 B2
Filed: 08/17/2001
Issued: 08/30/2005
Est. Priority Date: 08/18/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method to verify authenticity of a document having an electronic signature associated therewith, said document being digitally representable as a file (DF) that is processed with a cryptographic hash function (CHF) to yield a unique digital fingerprint number (DFP) associated with said DF, the method comprising the following steps:

(a) creating a document identification number (DID) uniquely associated with said DFP, and associating said DID with said DFP;

(b) obtaining and authenticating veracity of credential information (C), and associating said C with said DID and said DFP; and

(c) storing, in at least two locations, registration certificate (DFC) that represents said electronic signature and includes said DID, said DFP, and said C, such that a single entity cannot modify every stored copy of said DFC;

wherein step (c) includes initially promulgating said DFC to at least a minimum number Q of N, where N>

Q, storage locations (WS), and subsequently promulgating said DFP to any remaining (N-Q) said storage locations not initially receiving promulgated said DFC;

wherein authenticating whether a putative document digitally representable as a putative file DF′ and

by a putative registration certificate (DFC′

) associated therewith is an unaltered version of said document represented by said DF and is associated with said electronic signature includes;

comparing a putative digital fingerprint DFP′

for said DF′

obtained using said CHF with at least two retrieved copies of said DFP associated with the DFC stored at step (c);

wherein if said DFP′ and

said DFP are in agreement, said putative document is said document, and said electronic signature has not been altered.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system can process a digital representation (DF) of a document with a one-way cryptographic hash function (CHF) to yield a digital fingerprint (DFP) value that is associated with the DF. A document identification number (DID) is created, uniquely associated with the DFP, and with DID and DFP are associated optional credential information (C). A registration certificate DFC that represents an optional electronic signature associated with the document and that includes the DID and DFP is promulgated and archived at a plurality of storage locations. The system can authenticate whether a putative document is the original document by generating a digital fingerprint value for the putative document and comparing it to DFP retrieved from various of the storage locations. Authentication can confirm that the electronic signature is unaltered.

Citations

31 Claims

1. A method to verify authenticity of a document having an electronic signature associated therewith, said document being digitally representable as a file (DF) that is processed with a cryptographic hash function (CHF) to yield a unique digital fingerprint number (DFP) associated with said DF, the method comprising the following steps:
- (a) creating a document identification number (DID) uniquely associated with said DFP, and associating said DID with said DFP;
  
  (b) obtaining and authenticating veracity of credential information (C), and associating said C with said DID and said DFP; and
  
  (c) storing, in at least two locations, registration certificate (DFC) that represents said electronic signature and includes said DID, said DFP, and said C, such that a single entity cannot modify every stored copy of said DFC;
  
  wherein step (c) includes initially promulgating said DFC to at least a minimum number Q of N, where N>
  
  Q, storage locations (WS), and subsequently promulgating said DFP to any remaining (N-Q) said storage locations not initially receiving promulgated said DFC;
  
  wherein authenticating whether a putative document digitally representable as a putative file DF′ and
  
  by a putative registration certificate (DFC′
  
  ) associated therewith is an unaltered version of said document represented by said DF and is associated with said electronic signature includes;
  
  comparing a putative digital fingerprint DFP′
  
  for said DF′
  
  obtained using said CHF with at least two retrieved copies of said DFP associated with the DFC stored at step (c);
  
  wherein if said DFP′ and
  
  said DFP are in agreement, said putative document is said document, and said electronic signature has not been altered.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein at step (b), said credential information (C) is obtained from a user-registrant who initiates said association of said DID with said DFP.
  - 3. The method of claim 1, wherein at step (a), said credential information (C) includes at least one type of information selected from a group consisting of (i) user-registrant identity, (ii) user-registrant password, (iii) user-registrant provided authenticating information from a two-factor authentication device, (iv) user-registrant cryptographic key information, (v) user-registrant client system identifier, and (vi) user-registrant provided authenticating hardware token information.
  - 4. The method of claim 1, wherein at step (a), said association of said DID with said DFP is initiated by a user-registrant, said user-registrant selecting an archive-server in which said DF and at least DFC information will be stored.
  - 5. The method of claim 1, further including storing said DF and at least DFC information in an archive-server, said archive-server verifying authenticity of said DF and said at least DFC information stored therein.
  - 6. The method of claim 1, wherein step (a) includes selecting a document identification number (DID) at least quasi-randomly.
  - 7. The method of claim 1, wherein step (a) includes generating said document identification number (DID) by a nexus-server.
  - 8. The method of claim 1, wherein said DFP is representable in at least one format selected from a group consisting of (i) a printable bar-code, (ii) a printable multi-dimensional bar-code, (iii) printed scannable information, (iv) scannable information, and (v) human-readable information.
  - 9. The method of claim 1, wherein step (c) includes selecting locations for said storage at least quasi-randomly.
  - 10. The method of claim 1, wherein said document is protectable by copyright law, and said method is carried out at least in part to protect a copyright for said document, wherein said copyright law is selected from a group consisting of (i) U.S. copyright law, and (ii) copyright law of nations other than the U.S.
  - 11. The method of claim 1, wherein step (c) includes initially promulgating said DFC substantially in real-time.
  - 12. The method of claim 1, wherein:
    - each of said Q storage locations independently determines and independently reports a timestamp including time of its receipt of said DFP; and
      
      said DFC stored at step (c) includes at least each independently reported said timestamp.
  - 13. The method of claim 12, further including:
    - comparing time reported from each said timestamp to determine from a commonality thereof that time at which storing at step (c) occurred is not disputable.

14. A method to verify authenticity of a document having an electronic signature associated therewith, said document being digitally representable as a file (DF) that is processed with a cryptographic hash function (CHF) to yield a unique digital fingerprint number (DFP) associated with said DF, the method comprising the following steps:
- (a) creating a document identification number (DID) uniquely associated with said DFP, and associating said DID with said DFP;
  
  (b) obtaining and authenticating veracity of credential information (C), and associating said C with said DID and said DFP;
  
  (c) creating a signature declaration (SD) that captures expressed intent of a user-registrant to create and associate said electronic signature with said document represented by said DF;
  
  (d) creating a testimonial record (T) that includes at least said DID, said DFP, said C, and said SD, and creating from and associating with said T a unique digital fingerprint number (DFP_T), said DFP_Tobtainable from a cryptographic hash function (CHF_T); and
  
  (e) storing, in at least two locations, registration certificate (DFC_T) that represents said electronic signature and includes said DID, said DFP, said DFP_T, and said C, such that a single entity cannot modify every stored copy of said DFC_T;
  
  wherein wherein step (e) includes initially promulgating said DFC to at least a minimum number Q of N, where N>
  
  Q, storage locations (WS), and subsequently promulgating said DFP to any remaining (N-Q) said storage locations not initially receiving promulgated said DFC;
  
  wherein authenticating whether a putative document, digitally representable as a putative file DE′ and
  
  associated with a putative registration certificate (DFC_T′
  
  ) and associated with a putative testimonial record (T′
  
  ), is an unaltered version of said document represented by said DF and is associated with said electronic signature includes;
  
  comparing a putative digital fingerprint DFP′
  
  for said DF′
  
  obtained using said CHF with at least two retrieved copies of said DFP associated with the DFC_Tstored at step (e), and comparing a putative digital fingerprint DFP_T′
  
  for said T′
  
  obtained using said CHF_Twith at least two copies of said DFP_Tassociated with the DFC_Tstored at step (e);
  
  wherein if said DFP′ and
  
  said DFP are in agreement, said putative document is said document, and if said DFP_T′ and
  
  said DFP_Tare in agreement, said electronic signature has not been altered.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 15. The method of claim 14, wherein said DF includes a DFC_Tpreviously stored at step (e).
  - 16. The method of claim 14, further returning to said user-registrant information that includes at least said T and said DFP_T.
  - 17. The method of claim 14, further including storing within a system-of-record information that includes at least said T.
  - 18. The method of claim 14, wherein step (b) is carried out by a system-of-record that stores information including at least said T.
  - 19. The method of claim 14, wherein at step (b), said credential information (C) is obtained from a user-registrant who initiates said association of said DID with said DFP.
  - 20. The method of claim 14, wherein at step (b), said credential information (C) includes at least one type of information selected from a group consisting of (i) user-registrant identity, (ii) user-registrant password, (iii) user-registrant two-factor authentication, and (iv) user-registrant key information.
  - 21. The method of claim 14, wherein at step (a), said association of said DID with said DFP is initiated by a user-registrant, said user-registrant selecting an archive-server in which said DF and at least DFC information will be stored.
  - 22. The method of claim 14, further including storing said DF and at least DFC information in an archive-server, said archive-server verifying authenticity of said DF and said at least DFC information stored therein.
  - 23. The method of claim 14, wherein step (a) includes selecting a document identification number (DID) at least quasi-randomly.
  - 24. The method of claim 14, wherein step (a) includes generating said document identification number (DID) by a nexus-server.
  - 25. The method of claim 14, wherein step (e) includes selecting locations for said storage at least quasi-randomly.
  - 26. The method of claim 14, wherein step (e) includes initially promulgating said DFC substantially in real-time.
  - 27. The method of claim 14, wherein:
    - each of said Q storage locations independently determines and independently reports a timestamp including time of its receipt of said DFP; and
      
      said DFC stored at step (e) includes at least each independently reported said timestamp.
  - 28. The method of claim 27, further including:
    - comparing time reported from each said timestamp to determine from a commonality thereof that time at which storing at step (c) occurred is not disputable.

29. A method to verify authenticity of a document optionally having an electronic signature associated therewith, said document being digitally representable as a file (DF) processable with a cryptographic hash function (CHF) to yield a unique digital fingerprint number (DFP) associated with said DF, where (i) a document identification number (DID) uniquely associated with said DFP has been created and associated with said DFP;
- where (ii) credential information (C) has bean obtained, its veracity confirmed, and said C associated with said DID and said DFP; and
  
  (iii) where there has been stored in at least two locations registration certificate (DFC) representing said electronic signature and including said DID, said DFP, and said C, such that a single entity cannot modify every stored copy of said DFC wherein said DFC has been promulgated to at least a minimum number Q of N, where N>
  
  Q, storage locations (WS), and has subsequently been promulgated to any remaining (N-Q) said storage locations not initially receiving promulgated said DFC;
  
  the method comprising the following steps;
  
  (a) for a putative document, obtaining a digital representation thereof as a putative file DF′ and
  
  obtaining a putative registration certificate (DFC′
  
  ) associated therewith;
  
  (b) obtaining and comparing a putative digital fingerprint DFP′
  
  for said DF′
  
  obtained using said CHF with at least two retrieved copies of said DFP associated with said DFC;
  
  wherein said putative document is an unaltered version of said document represented by said DF and is associated with said electronic signature; and
  
  includes;
  
  if said DFP′ and
  
  said DFP are in agreement, said putative document is said document, and said electronic signature has not been altered.

30. A system to verify authenticity of a document representable digitally, the system comprising:
- a nexus-server having a CPU end memory and including means for quasi-randomly generating ID numbers, issuing customer ID numbers, issuing document ID numbers (DID), and issuing coupons bearing at least one of (i) CID, and (ii) DID;
  
  at least two clusters of witness-server computer systems (WS), each having a CPU and memory, each of said witness-servers being operatively coupleable to each other and to said nexus-server for intercommunication therebetween;
  
  wherein said nexus-server supervises adherence of said WS in a cluster to rules and protocols applicable to said cluster;
  
  wherein one WS of said cluster, upon presentation by a user of said coupon and a digital fingerprint number (DFP) for said document obtained from a one-way cryptographic hash function (CHF), promulgates said coupon information and said DFP to a number of other witness-server computer systems in said cluster, wherein said number of other witness-server computer systems is at least two and is commensurate with the value of the coupon, and upon confirming receipt of said coupon information and said DFP, said witness-server computer system converting said coupon into a registration certificate containing at least said coupon information and said DFP, said registration certificate is returned to said user;
  
  said system upon user-presentation of said registration certificate retrieving from at least some of said witness-server computer systems in said cluster a digital fingerprint number;
  
  wherein comparison of the retrieved said digital fingerprint numbers against a digital fingerprint number newly generated for said document permits confirming said document has was not altered after presentation to said system.

31. A computer-readable medium storing computer-readable software that when executed by a computer system that includes a CPU carries out at least three of the following steps to verify authenticity of a document having an electronic signature associated therewith, the document being digitally representable as a file (DF) that is processed with a cryptographic hash function (CHF) to yield a unique digital fingerprint number (DFP) associated with said DF;
- (a) obtaining and authenticating veracity of credential information (C), and associating said C with said DID and said DFP;
  
  (b) creating a signature declaration (SD) capturing expressed intent of a user-registrant to create and associate said electronic signature with said document;
  
  (c) promulgating for storage, in at least two locations, registration certificate (DFC) that represents said electronic signature and includes said DID, said DFP, said C, and at east one of (i) said SD, and (ii) a digital fingerprint of said SD, such that a single entity cannot modify every stored copy of said DFC;
  
  wherein step (c) includes initially promulgating said DFC to at least a minimum number Q of N, where N>
  
  Q, storage locations (WS), and subsequently promulgating said DFP to any remaining (N-Q) said storage locations not initially receiving promulgated said DFC;
  
  wherein authenticating whether a putative document digitally representable as a putative file DF′ and
  
  by a putative registration certificate (DFC′
  
  ) associated therewith is an unaltered version of said document represented by said DF and is associated with said electronic signature includes;
  
  (d) comparing a putative digital fingerprint DFP′
  
  for said DF′
  
  obtained using said CHF with at least two retrieved copies of said DFP associated with the DFC stored at step (c);
  
  wherein if said DFP′ and
  
  said DFP are in agreement, said putative document is said document, and said electronic signature has not been altered.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Jonathan C. Kaplan
Original Assignee
Jonathan C. Kaplan
Inventors
Kaplan, Jonathan C.
Primary Examiner(s)
Barrón, Gilberto
Assistant Examiner(s)
Dinh, Minh

Application Number

US09/932,547
Publication Number

US 20020023220A1
Time in Patent Office

1,474 Days
Field of Search

713155-156, 713/170, 713/176, 713178-179, 713/187
US Class Current

713/176
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 63/0823   using certificates cryptogr...

H04L 63/123   received data contents, e.g...

H04L 9/3218   using proof of knowledge, e...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

Distributed information system and protocol for affixing electronic signatures and authenticating documents

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Distributed information system and protocol for affixing electronic signatures and authenticating documents

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links