Method and system for recovering the validity of cryptographically signed digital data
Abstract
According to the present invention, techniques, including a method and system, for restoring and/or validating data and/or associated signature log entries are provided. One embodiment of the present invention provides a method for validating a restored message: an entry is generated in a signature log for a message, where the entry includes cryptographic information associated with the message; next, when the message is lost, the restored message is generated responsive to a request; and the restored message is validated using the signature log. In another embodiment, a method for validating a selected log entry by using a signature log having a plurality of recorded log entries is provided. The method includes: computing a cryptographic value for the selected log entry; and determining if the cryptographic value is part of another recorded log entry.
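The chained log and the restored-message check described above, as an added Python example that is not code from the patent. The entry layout (hash of the previous entry, hash of the message, signature over both) follows claim 19 on this page; the field names, the out-of-band checkpoint hash and the use of HMAC-SHA256 in place of a real digital signature are assumptions.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: HMAC-SHA256 stands in for a real digital signature

def h(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entry_hash(entry: dict) -> str:
    return h(json.dumps(entry, sort_keys=True).encode())

def sign(msg_hash: str, prev_hash: str) -> str:
    return hmac.new(KEY, (prev_hash + msg_hash).encode(), hashlib.sha256).hexdigest()

def append(log: list, message: bytes) -> None:
    """Add an entry: hash of the previous entry, hash of the message, signature over both."""
    prev_hash = entry_hash(log[-1]) if log else "0" * 64
    msg_hash = h(message)
    log.append({"prev": prev_hash, "msg": msg_hash, "sig": sign(msg_hash, prev_hash)})

def validate_restored(log, index, restored, cp_index, cp_hash) -> bool:
    """Check a restored message against log[index], trusting only the checkpointed hash."""
    if not 0 <= index <= cp_index < len(log):
        return False
    if not hmac.compare_digest(entry_hash(log[cp_index]), cp_hash):
        return False
    # Back chain: every later entry must carry the hash of the entry before it.
    for i in range(cp_index, index, -1):
        if not hmac.compare_digest(log[i]["prev"], entry_hash(log[i - 1])):
            return False
    entry = log[index]
    sig_ok = hmac.compare_digest(entry["sig"], sign(entry["msg"], entry["prev"]))
    return sig_ok and hmac.compare_digest(entry["msg"], h(restored))

def demo():
    log = []
    for m in (b"order 1", b"order 2", b"order 3", b"order 4"):  # constructed messages
        append(log, m)
    cp_hash = entry_hash(log[3])  # assumed to be held outside the user system
    good = validate_restored(log, 1, b"order 2", 3, cp_hash)
    # An entry re-signed with a leaked key still breaks the chain to the checkpoint.
    fake = h(b"order 2x")
    forged = list(log)
    forged[1] = {"prev": log[1]["prev"], "msg": fake, "sig": sign(fake, log[1]["prev"])}
    bad = validate_restored(forged, 1, b"order 2x", 3, cp_hash)
    return good, bad
```

`demo()` returns `(True, False)`: the genuine restored message validates, while a replaced entry with a correct signature is rejected because the following entry no longer contains its hash.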
40 Claims
1. A method for validating a restored message, comprising:
generating an entry in a signature log for a message, wherein said entry comprises cryptographic information associated with said message and at least one previous message associated with said message;
if said message is lost, generating said restored message responsive to a request; and
validating said restored message using cryptographic information associated with said previous message in said signature log.

5. A system for recovering and validating user information, comprising:
a user system comprising a signature log, said signature log comprising cryptographic information associated with said user information and at least one previous version of said user information;
a recovery system coupled with said user system via a communications network for restoring user information; and
a validity system coupled with said user system via said communications network for validating restored user information using said at least one previous version of said user information in said signature log.

10. A system for determining if a user message is valid, said system comprising:
a user computer system having a log, said log comprising a log entry related to a message sent by said user, wherein said log entry has a digital signature comprising information related to a previous log entry of said log; and
a validation unit coupled to said user computer system for validating said user message using said previous log entry of said log.

19. A computer readable data transmission medium containing a data structure for validating message information comprising:
a first portion having a hash of a user message;
a second portion having a hash of a signature log entry that includes a hash of at least one previous user message that is associated with the user message; and
a digital signature based on said first portion and said second portion.

22. A method, using a computer, for generating a signature log comprising a plurality of log entries, said method comprising:
generating a first log entry of said plurality of log entries, said first log entry comprising a first cryptographic value associated with a first user message; and
generating a second log entry of said plurality of log entries, said second log entry comprising a second cryptographic value associated with said first log entry, a third cryptographic value associated with a second user message, and a digital signature.

26. A data structure stored in a computer readable medium for validating a selected user message of a plurality of user messages, comprising:
a first hash of a first log entry, wherein said first log entry comprises a second hash of a first user message of said plurality of user messages;
a third hash of said selected user message of said plurality of user messages; and
a digital signature of said first hash combined with said third hash.

27. A computerized method for validating a selected log entry using a signature log having a plurality of recorded log entries, said method comprising:
computing a cryptographic value for said selected log entry; and
determining if said cryptographic value is part of a later recorded log entry of said plurality of recorded log entries.

29. A system for preventing repudiation of a transaction by one of a plurality of user computer systems, said system comprising:
a first user of said plurality of user computer systems;
a second user of said plurality of user computer systems performing said transaction with said first user; and
a log chain crossing computer responsive to a request by either said first or said second user to record said transaction, said record comprising a hysteresis signature of said transaction.

30. A computerized method for registering a log entry of a user with an officially recognized entity, comprising:
registering a signature log chain with said officially recognized entity, wherein a first log entry of said signature log chain is related to a previous second log entry of said signature log chain;
receiving from said user a user log entry;
generating a cryptographic value associated with said user log entry; and
generating a third log entry in said signature log chain, wherein said third log entry comprises said cryptographic value and cryptographic information for the second log entry and the first log entry.

33. A method for validating a user data item by a computer system using a user's signature log, comprising:
receiving said user's signature log;
validating a cryptographic value associated with said user data item is in a first log entry in said user's signature log;
determining a second log entry in said user's signature log that is checkpointed;
verifying said first log entry by back chaining from said second log entry to said first log entry; and
returning a result to said user.

34. A computer method for recovering a data item recorded in a signature log between two points in time comprising:
receiving a request from a user to recover data recorded in a signature log between two points in time;
receiving from a data recovery unit said data item and a first signature log entry that includes said data item;
receiving from the data recovery unit a second signature log entry entered in the signature log after the first signature log entry is entered in the signature log, wherein the second signature log entry includes another data item associated with said data item;
validating that a hash of said data item is included in said second log entry; and
if said data item is validated, sending said data item to said user.

35. A system for validating a user message, comprising:
an input module for receiving a signature log from a user, said signature log comprising a plurality of related log entries;
a cryptographic module for generating a cryptographic value from said user message; and
a verifying module for validating said cryptographic value is in a later log entry in said signature log.

37. A computer program product for validating a restored message, comprising:
code for generating an entry in a signature log for a message, wherein said entry comprises cryptographic information associated with said message and at least one previous message associated with said message;
if said message is lost, code for generating said restored message responsive to a request;
code for validating said restored message using cryptographic information associated with said previous message in said signature log; and
a computer usable medium for embodying said codes.

40. A computer data signal embodied in a carrier wave for validating a restored message, comprising:
program code for generating an entry in a signature log for a message, wherein said entry comprises cryptographic information associated with said message and at least one previous message associated with said message;
if said message is lost, program code for generating said restored message responsive to a request; and
program code for validating said restored message using cryptographic information associated with said previous message in said signature log.

Specification