Method and apparatus for verifying the legitimacy of an untrusted mechanism

US 7,103,910 B1
Filed: 01/14/2000
Issued: 09/05/2006
Est. Priority Date: 11/22/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method for verifying the legitimacy of an untrusted signature verification mechanism, comprising:

submitting a first signature and a second signature to an untrusted signature verification mechanism in a sequence that is unpredictable to the untrusted mechanism, said first signature being known to be verifiable, and said second signature being known to be unverifiable;

receiving a response from the untrusted mechanism for each submission of either said first signature or said second signature;

determining whether each response received from the untrusted mechanism is a correct response; and

in response to a determination that any of the responses from the untrusted mechanism is an incorrect response, determining the untrusted mechanism to not be legitimate.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The legitimacy of an untrusted mechanism is verified by submitting a first set of information and a second set of information to the untrusted mechanism in an unpredictable sequence. For each submission of either the first set or the second set of information, a response is received from the untrusted mechanism. Each response is tested to determine if the response is correct for the information set submitted. If any of the responses from the untrusted mechanism is incorrect, then it is determined that the untrusted mechanism is not legitimate. Because the submission sequence is unpredictable, it is highly difficult if not impossible for an illegitimate untrusted mechanism to “fake” proper responses. As a result, this verification process provides an effective means for testing and verifying the legitimacy of the untrusted mechanism.

22 Citations

View as Search Results

15 Claims

1. A method for verifying the legitimacy of an untrusted signature verification mechanism, comprising:
- submitting a first signature and a second signature to an untrusted signature verification mechanism in a sequence that is unpredictable to the untrusted mechanism, said first signature being known to be verifiable, and said second signature being known to be unverifiable;
  
  receiving a response from the untrusted mechanism for each submission of either said first signature or said second signature;
  
  determining whether each response received from the untrusted mechanism is a correct response; and
  
  in response to a determination that any of the responses from the untrusted mechanism is an incorrect response, determining the untrusted mechanism to not be legitimate.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein said sequence is generated randomly.
  - 3. The method of claim 2, wherein said sequence is generated using a random number generator.
  - 4. The method of claim 1, wherein said sequence includes at least one submission of said first signature and at least one submission of said second signature.
  - 5. The method of claim 1, wherein determining whether each response received from the untrusted mechanism is a correct response comprises:
    - where the signature submitted to the untrusted mechanism was said first signature, determining whether the response from the untrusted mechanism is that said first signature is verified; and
      
      where the signature submitted to the untrusted mechanism was said second signature, determining whether the response from the untrusted mechanism is that said second signature is not verified.

6. An apparatus for verifying the legitimacy of an untrusted signature verification mechanism, comprising:
- a mechanism for submitting a first signature and a second signature to an untrusted signature verification mechanism in a sequence that is unpredictable to the untrusted mechanism, said first signature being known to be verifiable, and said second signature being known to be unverifiable;
  
  a mechanism for receiving a response from the untrusted mechanism for each submission of either said first signature or said second signature;
  
  a mechanism for determining whether each response received from the untrusted mechanism is a correct response; and
  
  a mechanism for determining, in response to a determination that any of the responses from the untrusted mechanism is an incorrect response, the untrusted mechanism to not be legitimate.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The apparatus of claim 6, wherein said sequence is generated randomly.
  - 8. The apparatus of claim 7, wherein the mechanism for submitting comprises a random number generator.
  - 9. The apparatus of claim 6, wherein said sequence includes at least one submission of said first signature and at least one submission of said second signature.
  - 10. The apparatus of claim 6, wherein the mechanism for determining whether each response received from the untrusted mechanism is a correct response comprises:
    - a mechanism for determining, where the signature submitted to the untrusted mechanism was said first signature, whether the response from the untrusted mechanism is that said first signature is verified; and
      
      a mechanism for determining, where the signature submitted to the untrusted mechanism was said second signature, whether the response from the untrusted mechanism is that said second signature is not verified.

11. A computer readable medium having stored thereon instructions which, when executed by one or more processors, cause the one or more processors to verify the legitimacy of an untrusted signature verification mechanism, said computer readable medium comprising:
- instructions for causing one or more processors to submit a first signature and a second signature to an untrusted signature verification mechanism in a sequence that is unpredictable to the untrusted mechanism, said first signature being known to be verifiable, and said second signature being known to be unverifiable;
  
  instructions for causing one or more processors to receive a response from the untrusted mechanism for each submission of either said first signature or said second signature;
  
  instructions for causing one or more processors to determine whether each response received from the untrusted mechanism is a correct response; and
  
  instructions for causing one or more processors to determine, in response to a determination that any of the responses from the untrusted mechanism is an incorrect response, the untrusted mechanism to not be legitimate.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The computer readable medium of claim 11, wherein said sequence is generated randomly.
  - 13. The computer readable medium of claim 12, wherein said sequence is generated using a random number generator.
  - 14. The computer readable medium of claim 11, wherein said sequence includes at least one submission of said first signature and at least one submission of said second signature.
  - 15. The computer readable medium of claim 11, wherein the instructions for causing one or more processors to determine whether each response received from the untrusted mechanism is a correct response comprises:
    - instructions for causing one or more processors to determine, where the signature submitted to the untrusted mechanism was said first signature, whether the response from the untrusted mechanism is that said first signature is verified; and
      
      instructions for causing one or more processors to determine, where the signature submitted to the untrusted mechanism was said second signature, whether the response from the untrusted mechanism is that said second signature is not verified.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Luehe, Jan, Liu, Sharon S.
Primary Examiner(s)
Song, Hosuk
Assistant Examiner(s)
KLIMACH, PAULA W

Application Number

US09/483,726
Time in Patent Office

2,426 Days
Field of Search

713168-170, 713/202, 713171-181, 705/50, 705/51, 705/62, 705/75, 726/2, 726/5, 726 16- 17
US Class Current

726/2
CPC Class Codes

H04L 2209/60   Digital content management,...

H04L 2209/80   Wireless network architectu...

H04L 9/3247   involving digital signatures

H04L 9/3273   for mutual authentication n...

Method and apparatus for verifying the legitimacy of an untrusted mechanism

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for verifying the legitimacy of an untrusted mechanism

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others