Method and system for recovering the validity of cryptographically signed digital data
First Claim
1. A method for verifying a first log entry for a corresponding first message included in a first log comprising a plurality of log entries, wherein each log entry includes a hash value (Hmsg) determined from a message corresponding to said each entry, wherein said each log entry further includes a hash value (Hlog) determined from a previous log entry, wherein said each log entry further includes a signature value determined from the hash values Hmsg and Hlog, wherein one or more log entries among log entries Pl to Pk are checkpointed, the method comprising operating a computer to perform steps of:
- receiving information for a log entry Pj having a corresponding message Mj;
determining an index m, where l≧
m≧
k and m>
j;
determining a hash value H by applying a hashing function on log entries Pj to Pm−
1;
judging whether the hash value H is equal to a hash value associated with a subsequent log entry; and
outputting a result of the judging step.
0 Assignments
0 Petitions
Accused Products
Abstract
According to the present invention, techniques, including a method and system, for restoring and/or validating data and/or associated signature log entries are provided. One embodiment of the present invention provides a method for validating a restored message, having an entry generated in a signature log for a message, where the entry includes cryptographic information associated with the message. Next, when said message is lost, the restored message is generated responsive to a request; and the restored message is validated using the signature log. In another embodiment a method for validating a selected log entry by using a signature log having a plurality of recorded log entries is provided. The method includes: computing a cryptographic value for the selected log entry; and determining if the cryptographic value is part of another recorded log entry.
-
Citations
11 Claims
-
1. A method for verifying a first log entry for a corresponding first message included in a first log comprising a plurality of log entries, wherein each log entry includes a hash value (Hmsg) determined from a message corresponding to said each entry, wherein said each log entry further includes a hash value (Hlog) determined from a previous log entry, wherein said each log entry further includes a signature value determined from the hash values Hmsg and Hlog, wherein one or more log entries among log entries Pl to Pk are checkpointed, the method comprising operating a computer to perform steps of:
-
receiving information for a log entry Pj having a corresponding message Mj; determining an index m, where l≧
m≧
k and m>
j;determining a hash value H by applying a hashing function on log entries Pj to Pm−
1;judging whether the hash value H is equal to a hash value associated with a subsequent log entry; and outputting a result of the judging step. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for verifying a log entry for a message included in a first log, wherein each log entry Pi in the first log includes a hash value (Hmsg) of a message corresponding to Pi, a hash value (Hlog)of a previous log entry, and a signature value based Hmsg and Hlog, wherein one or more log entries among log entries Pl to Pk are checkpointed, the method comprising operating a computer to perform steps of:
-
receiving information for a first log entry Pj having a corresponding message Mj; receiving information for a second log entry Pl having a corresponding message Ml where l>
j;determining a hash value H by applying a hashing function on log entries Pj to Pl−
1;judging whether the hash value H is equal to a hash value associated with a subsequent log entry; and outputting a result of the judging step. - View Dependent Claims (7, 8, 9, 10, 11)
-
Specification
-
- Resources
-
Current AssigneeHitachi, Ltd.
-
Original AssigneeHitachi, Ltd.
-
InventorsMiyazaki, Kunihiko, Matsuki, Takeshi, Takaragi, Kazuo, Toyoshima, Hisashi, Susaki, Seiichi, Sasaki, Ryoichi, Yoshiura, Hiroshi
-
Primary Examiner(s)JUNG, DAVID YIUK
-
Application NumberUS11/199,615Publication NumberTime in Patent Office1,702 DaysField of Search713/150, 713/151, 713/153, 713/168US Class Current713/150CPC Class CodesG06F 21/64 Protecting data integrity, ...G06F 21/645 using a third partyG06F 2221/2101 Auditing as a secondary aspectG06Q 20/3825 Use of electronic signaturesH04L 2209/56 Financial cryptography, e.g...H04L 2209/60 Digital content management,...H04L 63/0428 wherein the data content is...H04L 63/12 Applying verification of th...H04L 9/3252 using DSA or related signat...H04L 9/50 using hash chains, e.g. blo...
