Method and system for assuring an original

US 7,249,258 B2
Filed: 09/05/2002
Issued: 07/24/2007
Est. Priority Date: 07/02/2002
Status: Expired due to Fees

First Claim

Patent Images

1. An original assurance method for assuring validity of original data using a plurality of first signature servers and a second signature server supervising said plurality of first signature servers, said method comprising:

generating signatures for assuring validity of the original data; and

performing verification of validity of the original data;

wherein in the step of generating signatures for assuring validity, each of said plurality of first signature servers performs;

a first log list registration step, when the first signature server receives digital data, of generating a digital signature for concatenation of said digital data and a first chain signature registered in a first log list, and adding said generated digital signature to said first log list;

a first receipt transmission step of sending a first receipt including said first chain signature to a sender of the digital data; and

a second receipt reception step of sending the first chain signature in said first log list to said second signature server, receiving a second receipt to the first chain signature from said second signature server, and storing said second receipt; and

wherein in the step of generating signatures for assuring validity, said second signature server performs;

a second log list registration step, when the second signature server receives a first chain signature from one of said plurality of first signature servers, of generating a digital signature for a concatenation of the first chain signature and a second chain signature registered in a second log list, and adding the generated digital signature to said second log list;

a second receipt transmission step of sending a second receipt including said second chain signature to said one of said plurality of first signature servers; and

a transmission management step of sending a second chain signature in said second log list to an external server;

wherein in the step of performing verification of validity of the original data, each of said plurality of first signature servers performs;

a first log list verification step, when the first signature server receives a first receipt with respect to original data, as an object of verification, of verifying each of first chain signatures ranging from a first chain signature included in said first receipt to a first chain signature that has been sent to said second signature server; and

a second receipt transmission step of sending a second receipt to said second signature server, wherein the second receipt is received from said second signature server by sending the first chain signature to said second signature server; and

wherein in the step of performing verification of validity of the original data, said second signature server performs;

a second log list verification step, when the second signature server receives the second receipt from said first signature server, of verifying each of second chain signatures ranging from a second chain signature included in said second receipt to a second chain signature sent to said external server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In using log lists of chain signatures to assure validity of an original, work of opening log lists to the public is reduced. A first signature server 2 generates a first chain signature to an original as an object of assurance, adds the generated first chain signature to a first log list, associating the first chain signature with the original, and sends a first certificate of custody including the first chain signature, to the sender of the original. Further, the first signature server 2 sends an arbitrary first chain signature in the log list to a second signature server 3, to receive a second certificate of custody. On the other hand, the second signature server 3 generates a second chain signature to the first chain signature received from the first signature server 2, adds the second chain signature to a second log list, associating the second chain signature with the first chain signature, and sends a second certificate of custody including the second chain signature, to the sender of the first chain signature. Further, the second signature server 3 sends an arbitrary second chain signature in the second log list to a public server 4.

40 Citations

View as Search Results

10 Claims

1. An original assurance method for assuring validity of original data using a plurality of first signature servers and a second signature server supervising said plurality of first signature servers, said method comprising:
- generating signatures for assuring validity of the original data; and
  
  performing verification of validity of the original data;
  
  wherein in the step of generating signatures for assuring validity, each of said plurality of first signature servers performs;
  
  a first log list registration step, when the first signature server receives digital data, of generating a digital signature for concatenation of said digital data and a first chain signature registered in a first log list, and adding said generated digital signature to said first log list;
  
  a first receipt transmission step of sending a first receipt including said first chain signature to a sender of the digital data; and
  
  a second receipt reception step of sending the first chain signature in said first log list to said second signature server, receiving a second receipt to the first chain signature from said second signature server, and storing said second receipt; and
  
  wherein in the step of generating signatures for assuring validity, said second signature server performs;
  
  a second log list registration step, when the second signature server receives a first chain signature from one of said plurality of first signature servers, of generating a digital signature for a concatenation of the first chain signature and a second chain signature registered in a second log list, and adding the generated digital signature to said second log list;
  
  a second receipt transmission step of sending a second receipt including said second chain signature to said one of said plurality of first signature servers; and
  
  a transmission management step of sending a second chain signature in said second log list to an external server;
  
  wherein in the step of performing verification of validity of the original data, each of said plurality of first signature servers performs;
  
  a first log list verification step, when the first signature server receives a first receipt with respect to original data, as an object of verification, of verifying each of first chain signatures ranging from a first chain signature included in said first receipt to a first chain signature that has been sent to said second signature server; and
  
  a second receipt transmission step of sending a second receipt to said second signature server, wherein the second receipt is received from said second signature server by sending the first chain signature to said second signature server; and
  
  wherein in the step of performing verification of validity of the original data, said second signature server performs;
  
  a second log list verification step, when the second signature server receives the second receipt from said first signature server, of verifying each of second chain signatures ranging from a second chain signature included in said second receipt to a second chain signature sent to said external server.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The original assurance method according to claim 1, wherein:
    - said external server holds the second chain signature received from said second signature server, in a state in which a browser terminal can browse at least said second chain signature.
  - 3. The original assurance method according to claim 1, wherein:
    - in the step of performing said verification of validity of the original data, each of said first signature servers performs a step of comparing the first chain signature included in the first receipt with respect to the original data, as the object of verification, with the first chain signature registered in said first log list, to verify said first chain signature.
  - 4. The original assurance method according to claim 1, wherein:
    - in the step of performing said verification of validity of the original data, said second signature server performs a step of comparing the second chain signature included in said second receipt received from said first signature server, with the second chain signature registered in a part of said second log list, to verify said second chain signature.
  - 5. The original assurance method according to claim 1, wherein:
    - in the step of performing said verification of validity of the original data, said second signature server performs a step of acquiring the second chain signature that the second signature server has sent to said external server, and a step of comparing the acquired second chain signature with the second chain signature registered in a part of said second log list, to verify said second chain signature.
  - 6. A computer-readable storage device, tangibly embodying a program of instructions operable on a computer to execute each of the steps performed by said first signature server in the original assurance method according to claim 1.
  - 7. A computer-readable storage device, tangibly embodying a program of instructions operable on a computer to execute each of the steps performed by said second signature server in the original assurance method according to claim 1.

8. An original assurance system that assures validity of original data, comprising:
- a plurality of first signature servers; and
  
  a second signature server supervising said plurality of first signature servers;
  
  wherein each of said plurality of first signature servers comprises;
  
  a signature generation unit for generating, when the first signature server in question receives digital data as original data, as an object of assurance, a digital signature for a concatenation of said digital data and a first chain signature registered in a first log list, and adds the generated digital signature to said first log list, which is stored in a storage unit, associating said first chain signature with said digital data;
  
  a network interface unit for sending a first receipt including said first chain signature to a sender of the digital data; and
  
  a network interface unit for sending a first chain signature in said first log list to said second signature server, receiving a second receipt to said first chain signature from said second signature server, and storing said second receipt in the storage unit; and
  
  wherein said second signature server comprises;
  
  a signature generation unit for generating, when the second signature server receives a first chain signature from one of said plurality of first signature servers, a digital signature for a concatenation of the first chain signature and a second chain signature registered in a second log list, and adding said digital signature as a second chain signature to said second log list, which is stored in a storage unit;
  
  a network interface unit for sending a second receipt including said second chain signature to said one of said plurality of first signature servers; and
  
  a network interface unit for sending second chain signature in said second log list to an external server;
  
  wherein each of said plurality of first signature servers further comprises;
  
  a signature verification unit for verifying, when the first signature server receives a first receipt with respect to original data, as an object of verification, each of first chain signatures ranging from a first chain signature included in said first receipt to a first chain signature that has been sent to said second signature server; and
  
  a network interface unit for sending to said second signature server a second receipt, which is received from said second signature server by sending the first chain signature to said second signature server; and
  
  wherein said second signature server further comprises;
  
  a signature verification unit for verifying, when the second signature server receives the second receipt from said first signature server, each of second chain signatures ranging from a second chain signature included in said second receipt to a second chain signature sent to said external server.

9. A first signature server used in an original assurance system that assures validity of original data comprising:
- a signature generation unit for generating, when the first signature server receives digital data as original data, as an object of assurance, a digital signature for a concatenation of said digital data and a first chain signature registered in a first log list, and adding the generated digital signature to said first log list, which is stored in a storage unit, associating said first chain signature with said digital data;
  
  a network interface unit for sending a first receipt including said first chain signature to a sender of the digital data;
  
  a network interface unit for sending a first chain signature in said first log list to a second signature server, receiving second receipt to said first chain signature from said second signature server, and storing said second receipt in the storage unit;
  
  a signature verification unit for verifying, when the first signature server receives a first receipt with respect to original data, as an object of verification, each of first chain signatures ranging from a first chain signature included in said first receipt to a first chain signature that has been sent to said second signature server; and
  
  a network interface unit for sending to said second signature server a second receipt, which is received from said second signature server by sending the first chain signature to said second signature server.

10. A second signature server used in an original assurance system that assures validity of original data, comprising:
- a signature generation unit for generating, when the second signature server receives a first chain signature from one of a plurality of first signature servers, a digital signature for a concatenation of the first chain signature and a second chain signature registered in a second log list, and adding the generated digital signature to said second log list, which is stored in a storage unit;
  
  a network interface unit for sending a second receipt including said second chain signature to said one of said plurality of first signature servers;
  
  a network interface unit for sending a second chain signature in said second log list to an external server; and
  
  a signature verification unit for verifying, when the second signature server receives the second receipt from said first signature server, each of second chain signatures ranging from a second chain signature included in said second receipt to a second chain signature sent to said external server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hitachi, Ltd.
Original Assignee
Hitachi, Ltd.
Inventors
Kikuchi, Koji, Honda, Yoshinori, Tanigawa, Yoshinobu
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Tolentino; Roderick

Application Number

US10/234,462
Publication Number

US 20040006692A1
Time in Patent Office

1,783 Days
Field of Search

None
US Class Current

713/176
CPC Class Codes

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04L 9/50   using hash chains, e.g. blo...

Method and system for assuring an original

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

40 Citations

10 Claims

Specification

Use Cases

Quick Links

Others

Method and system for assuring an original

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

10 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others