Method for carrying out secure digital signature and a system therefor
First Claim
1. A method for carrying out a secure digital signature of a person on a digital data packet(s) sent from a sender being a third party to at least one recipient, said sender and said at least one recipient connected to a data network via network connection means, comprising the steps of:
- a) sampling one or more biometric sample(s) of said person and converting said biometric sample(s) to a digital form;
b) storing said biometric sample at a location accessible to the sender;
c) storing, at the sender side, a digital packet(s) that may be altered by the at least one recipient at said sender side;
d) sending a request from the at least one recipient, to the sender, to select the digital data packet(s) to sign;
e) at said sender side, producing a first digital seal from the combination of said digital data packet(s) and a one-time time stamp generated at said sender side using an asymmetric operator with the private key of said sender and optionally with the public key of said at least one recipient;
f) sending said sealed digital data packet(s) to said at least one recipient;
g) at the at least one recipient side, receiving said sealed digital data packet(s) and opening said sealed digital data packet(s) with the sender'"'"'s public key and optionally first with the at least one recipient'"'"'s private key and then with the sender'"'"'s public key;
h) allowing said at least one recipient to sign the opened digital data packet(s) by adding his biometric sample(s), in real-time, to said opened digital data packet(s);
i) at said at least one recipient side, producing a second digital seal from the combination of said signed digital data packet(s) and said one-time time stamp, using said asymmetric operator, with the public key of said sender and optionally with the private key of said at least one recipient;
j) at the sender side, receiving said sealed digital data packet(s) and opening said sealed digital data packet(s) with the sender'"'"'s private key and optionally first with the at least one recipient'"'"'s public key;
k) at the sender'"'"'s side;
k.1) verifying that the signed digital data packet(s) has not been altered after sealing by the at least one recipient;
k.2) comparing the biometric sample(s) attached to said opened digital data packet(s) with the at least one recipient'"'"'s stored biometric sample(s);
k.3) if the signed digital data packet(s) has not been altered after sealing by the at least one recipient and the biometric sample(s) attached to said opened digital data packet(s) and the at least one recipient'"'"'s stored biometric sample(s) are identical, approving the authentication of said digital signature, otherwise denying the authentication of said digital signature; and
iv) providing the option of sending, by said sender, a receipt to all said recipients to confirm the authentication and receipt of said digital packet(s).
4 Assignments
0 Petitions
Accused Products
Abstract
Method and system for carrying out secure signing of a person on a data packet sent from a sender to a recipient, the sender and the recipient connected to a data network via network connection means. A biometric sample of the person is sampled and converted to a digital form. A first digital seal produced from the combination of the digital data packet and the biometric sample, or from two or more digital seals derived from the digital data packet and the biometric sample. The digital data packet and the biometric sample and the digital seal are sent to the recipient. A second digital seal is produced from the combinations of received digital data packet and the received biometric sample. The first and the second seals are compared and if the first and the second seals are identical, the authentication of the digital signature is approved. Otherwise, the authentication of the digital signature is denied.
-
Citations
11 Claims
-
1. A method for carrying out a secure digital signature of a person on a digital data packet(s) sent from a sender being a third party to at least one recipient, said sender and said at least one recipient connected to a data network via network connection means, comprising the steps of:
-
a) sampling one or more biometric sample(s) of said person and converting said biometric sample(s) to a digital form; b) storing said biometric sample at a location accessible to the sender; c) storing, at the sender side, a digital packet(s) that may be altered by the at least one recipient at said sender side; d) sending a request from the at least one recipient, to the sender, to select the digital data packet(s) to sign; e) at said sender side, producing a first digital seal from the combination of said digital data packet(s) and a one-time time stamp generated at said sender side using an asymmetric operator with the private key of said sender and optionally with the public key of said at least one recipient; f) sending said sealed digital data packet(s) to said at least one recipient; g) at the at least one recipient side, receiving said sealed digital data packet(s) and opening said sealed digital data packet(s) with the sender'"'"'s public key and optionally first with the at least one recipient'"'"'s private key and then with the sender'"'"'s public key; h) allowing said at least one recipient to sign the opened digital data packet(s) by adding his biometric sample(s), in real-time, to said opened digital data packet(s); i) at said at least one recipient side, producing a second digital seal from the combination of said signed digital data packet(s) and said one-time time stamp, using said asymmetric operator, with the public key of said sender and optionally with the private key of said at least one recipient; j) at the sender side, receiving said sealed digital data packet(s) and opening said sealed digital data packet(s) with the sender'"'"'s private key and optionally first with the at least one recipient'"'"'s public key; k) at the sender'"'"'s side; k.1) verifying that the signed digital data packet(s) has not been altered after sealing by the at least one recipient; k.2) comparing the biometric sample(s) attached to said opened digital data packet(s) with the at least one recipient'"'"'s stored biometric sample(s); k.3) if the signed digital data packet(s) has not been altered after sealing by the at least one recipient and the biometric sample(s) attached to said opened digital data packet(s) and the at least one recipient'"'"'s stored biometric sample(s) are identical, approving the authentication of said digital signature, otherwise denying the authentication of said digital signature; and iv) providing the option of sending, by said sender, a receipt to all said recipients to confirm the authentication and receipt of said digital packet(s). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for carrying out secure signing of a person on a digital data packet(s) sent from a sender being a third party to at least one recipient, said sender and said at least one recipient connected to a data network via network connection means, comprising:
-
a computerized server for managing the signing process, said server being connected to said data network via said network connection means; a database system for storing signed data packets, unsigned data packets, a list of authorized users, said users'"'"' personal details and biometric templates, said database system accessible by said server; a sender'"'"'s terminal for managing the signing process at the sender'"'"'s side, connected to said network via network connection means; one or more recipient'"'"'s terminals for performing the signing process at the recipient side, said one or more recipient'"'"'s terminals being coupled with means for carrying out a biometric sample(s) of said at least one recipient, and connected to said network via network connection means; a software component at said sender'"'"'s terminal, which after receiving a request from said at least one recipient to select the digital data packet(s) to sign, produces a first digital seal from the combination of said digital data packet(s), and produces a one-time time stamp using an asymmetric operator, and then sends said sealed digital data packet(s) to said one or more recipient'"'"'s terminals; a second software component at said one or more recipient'"'"'s terminals for receiving said sealed digital data packet(s), for opening said sealed digital data packet(s), for allowing said at least one recipient to sign the opened digital data packet(s) by adding his biometric sample(s) to said opened digital data packet(s), for producing a second digital seal from the combination of said signed digital data packet(s) and said one-time time stamp, using said asymmetric operator; and a third software component for verifying that the signed digital data packet(s) has not been altered after sealing by said at least one recipient and comparing the biometric sample(s) attached to said opened digital data packet(s) with the at least one recipient'"'"'s stored biometric sample(s). - View Dependent Claims (10, 11)
-
Specification