Digital-signed digital document exchange supporting method and information processor

US 7,533,269 B2
Filed: 01/31/2005
Issued: 05/12/2009
Est. Priority Date: 11/29/2004
Status: Expired due to Fees

First Claim

Patent Images

1. An information processor for supporting an exchange of a digital-signed digital document, the processor comprising:

communication means connected to a network; and

processing means for, when the communication means receives a sign request including a first digital document from a first computer on the network, canonicalizing the first digital document by a method of implementing a canonicalization process, calculating a digest value of the canonicalized first digital document, and causing the communication means to output the digest value to the first computer,wherein the processing means is further adapted to perform the steps of;

when the communication means receives a sign request including a second digital document from a second computer on the network, canonicalizing the second digital document by the same method of implementing the canonicalization process, calculating a digest value of the canonicalized second digital document, and causing the communication means to output the digest value to the second computer, andwhen the communication means receives from one of the first and second computers on the network a validation request including a public key for validating a digital document with a digital sign and the digital document with the digital sign has been received from the other one of the first and second computers, canonicalizing the digital document by the same method of implementing the canonicalization process, calculating a digest value of the canonicalized digital document, comparing a value obtained by decrypting the digital sign with the public key and the calculated digest value, and causing the communication means output the result of the comparison to the computer which sent the validation request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In response to a sign request including a digital document from a document-creating device 10, a digital-signed-document exchange supporting server 30 canonicalizes the digital document, calculates a digest value thereof, and returns the digest value to the document creating device. When the document-creating device transmits a digital sign created by encrypting the digest value to the digital-signed-digital document exchange-supporting server 30, the server 30 creates a digital-signed document from the digital sign and the digital document, and returns the document to the document-creating device. On the other hand, in response to a validation request including a digital-signed-digital document and a public key from a sign validating device 20, the server 30 compares a value resulting from the decryption of the digital sign with the public key and a digest value of the digital document canonicalized and returns the result to the sign validating device.

Citations

9 Claims

1. An information processor for supporting an exchange of a digital-signed digital document, the processor comprising:
- communication means connected to a network; and
  
  processing means for, when the communication means receives a sign request including a first digital document from a first computer on the network, canonicalizing the first digital document by a method of implementing a canonicalization process, calculating a digest value of the canonicalized first digital document, and causing the communication means to output the digest value to the first computer,wherein the processing means is further adapted to perform the steps of;
  
  when the communication means receives a sign request including a second digital document from a second computer on the network, canonicalizing the second digital document by the same method of implementing the canonicalization process, calculating a digest value of the canonicalized second digital document, and causing the communication means to output the digest value to the second computer, andwhen the communication means receives from one of the first and second computers on the network a validation request including a public key for validating a digital document with a digital sign and the digital document with the digital sign has been received from the other one of the first and second computers, canonicalizing the digital document by the same method of implementing the canonicalization process, calculating a digest value of the canonicalized digital document, comparing a value obtained by decrypting the digital sign with the public key and the calculated digest value, and causing the communication means output the result of the comparison to the computer which sent the validation request.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The processor of claim 1, wherein the processing means is adapted, when the validation request includes a self-sign certificate of a certificate authority, to validate the public key by using the self-sign certificate as a trust anchor.
  - 3. The processor of claim 1, comprising:
    - storage means for storing sign validation history information,wherein the processing means is adapted, when a value obtained by decrypting the digital sign and a digest value of the second digital document are compared, to store, as the sign validation history information, information including the second digital document with the digital sign, a result of the comparison and identification information of the second computer in the storage means.
  - 4. The processor of claim 1, comprising:
    - storage means for storing sign history information,wherein the processing means is adapted, when the first digital document with the digital sign is calculated, to store, as the sign history information, information including the first digital document with the digital sign and identification information of the first computer in the storage means.
  - 5. The processor of claim 1, comprising:
    - storage means for storing a digital document to be canonicalized before a digital sign thereof is created; and
      
      input receiving means for receiving a command for adding a digital sign to the digital document;
      
      wherein the processing means for, when the input receiving means receives the command for adding, causing the communication means to output a sign request including the digital document to a server on the network, when the communication means receives a digest value of the digital document from the server, creating the digital sign by encrypting the digest value and cause the communication means to output the digital sign to the server, and, when the communication means receives the digital document with the digital sign created from the digital sign and the digital document from the server, storing the digital document with the digital sign in the storage means.
  - 6. The processor of claim 1, comprising:
    - storage means which stores a digital document with a digital sign;
      
      input receiving means which receives an input of a command for validating the digital sign; and
      
      control means for, when the input receiving means receives an input of the command for validating, causing the communication means to output a validation request including the digital document with the digital sign and a public key for validating the digital sign to a server on the network, and, when the communication means receives a result of a comparison between a digest value of the digital document and a value obtained by decrypting the digital sign with the public key, outputting the result of the comparison.

7. A digital-signed digital document exchange supporting method in which a server having communication means connecting to a network and processing means supports an exchange of a digital document with a digital sign on the network in calculating a digest value of a digital document, the method comprising the steps of:
- when the communication means receives a sign request including a first digital document from a first computer on the network, canonicalizing the first digital document by a method of implementing a canonicalization process, calculating a digest value of the canonicalized first digital document, and causing the communication means to output the digest value to the first computer,when the communication means receives a sign request including a second digital document from a second computer on the network, canonicalizing the second digital document by the same method of implementing the canonicalization process, calculating a digest value of the canonicalized second digital document, and causing the communication means to output the digest value to the second computer, and when the communication means receives from one of the first and second computers on the network a validation request including a public key for validating a digital document with a digital sign and the digital document with the digital sign has been received from the other one of the first and second computers, canonicalizing the digital document by the same method of implementing the canonicalization process, calculating a digest value of the canonicalized digital document, comparing a value obtained by decrypting the digital sign with the public key and the calculated digest value, and causing the communication means to output the result of the comparison to the computer which sent the validation request.
- View Dependent Claims (8, 9)
- - 8. The method of claim 7, comprising the step of, when the validation request includes a self-sign certificate of a certificate authority, validating the public key by using the self-sign certificate as a trust anchor by the processing means.
  - 9. A computer-readable storage medium having a program embodied thereon, the program, when implemented by a computer server, controls the server to perform the method steps of claim 7.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hitachi, Ltd.
Original Assignee
Hitachi, Ltd.
Inventors
Hane, Shingo, Shimonosono, Hitoshi, Kumagai, Yoko, Fujishiro, Takahiro, Kaji, Tadashi
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
RAHIM, MONJUR

Application Number

US11/045,133
Publication Number

US 20060168650A1
Time in Patent Office

1,562 Days
Field of Search

382/100, 705/35, 713/176, 726/32
US Class Current

713/176
CPC Class Codes

G06F 21/64   Protecting data integrity, ...

H04L 2209/68   Special signature format, e...

H04L 2463/103   applying security measure f...

H04L 63/123   received data contents, e.g...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

Digital-signed digital document exchange supporting method and information processor

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Digital-signed digital document exchange supporting method and information processor

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links