Systems and methods for authenticating and protecting the integrity of data streams and other data
First Claim
1. A method for encoding and transmitting a digital file in a manner designed to facilitate authentication of a streamed transmission of the digital file, the method including:
- generating a progression of check values, each check value in the progression being derived from at least one other check value in the progression and from a portion of the digital file;
transmitting the digital file and the progression of check values to a user'"'"'s system, whereby the user'"'"'s system is able to receive parts of the digital file and to use one or more received check values to authenticate said parts of the digital file before the entire digital file is received;
wherein the portion of the digital file comprises error-check values, each error-check value being inserted in proximity to a part of the digital file to which said error-check value corresponds, each error-check value being configured to facilitate authentication of a part of the digital file and a check value in the progression of check values.
3 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are disclosed for enabling a recipient of a cryptographically-signed electronic communication to verify the authenticity of the communication on-the-fly using a signed chain of check values, the chain being constructed from the original content of the communication, and each check value in the chain being at least partially dependent on the signed root of the chain and a portion of the communication. Fault tolerance can be provided by including error-check values in the communication that enable a decoding device to maintain the chain'"'"'s security in the face of communication errors. In one embodiment, systems and methods are provided for enabling secure quasi-random access to a content file by constructing a hierarchy of hash values from the file, the hierarchy deriving its security in a manner similar to that used by the above-described chain. The hierarchy culminates with a signed hash that can be used to verify the integrity of other hash values in the hierarchy, and these other hash values can, in turn, be used to efficiently verify the authenticity of arbitrary portions of the content file.
-
Citations
19 Claims
-
1. A method for encoding and transmitting a digital file in a manner designed to facilitate authentication of a streamed transmission of the digital file, the method including:
-
generating a progression of check values, each check value in the progression being derived from at least one other check value in the progression and from a portion of the digital file; transmitting the digital file and the progression of check values to a user'"'"'s system, whereby the user'"'"'s system is able to receive parts of the digital file and to use one or more received check values to authenticate said parts of the digital file before the entire digital file is received; wherein the portion of the digital file comprises error-check values, each error-check value being inserted in proximity to a part of the digital file to which said error-check value corresponds, each error-check value being configured to facilitate authentication of a part of the digital file and a check value in the progression of check values. - View Dependent Claims (2, 3)
-
-
4. A non-transitory computer readable storage medium storing instructions that, when executed by a processor, are configured to cause the processor to perform a method for encoding a data block in a manner designed to facilitate authentication of a streamed transmission of the data block, the method including:
-
generating a progression of data check values, wherein each data check value is derived, at least in part, from (i) at least one other data check value in the progression, and (ii) a hash of a portion of the data block; encoding the data block by inserting a plurality of error-check values into the data block, each error-check value being inserted in proximity to a part of the data block to which the error-check value corresponds, and each error-check value being operable to facilitate authentication of part of the data block and of a data check value in the progression of data check values; and sending a streamed transmission of the encoded data block to a user'"'"'s system, whereby the user'"'"'s system is configured to receive and authenticate portions of the streamed transmission before the entire encoded data block is received. - View Dependent Claims (5, 6, 7, 8, 9)
-
-
10. A non-transitory computer readable storage medium storing instructions that, when executed by a processor, are configured to cause the processor to perform a method for verifying the integrity of a block of data, the method including:
-
receiving a first portion of the block of data; receiving first and second check values in a chain of check values, wherein each check value in the chain is derived from a corresponding transformed portion of the block of data and from at least one other check value in the chain, and wherein the first portion of the block of data comprises at least one error-check value inserted in proximity to the first portion of the block of data; verifying the integrity of the first portion of the block of data and the second check value using, at least in part, the first check value and the at least one error-check value; and allowing at least one use of the first portion of the block of data if the integrity of said first portion is successfully verified. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. In a computer-implemented decoding system comprising a processor and a memory, a method for authenticating data as performed by the processor, the method including:
-
receiving a first sub-block of the data, a first check value, and a second check value, wherein the first check value and the second check value form part of a progression of check values associated with the data, each check value in the progression being derived, at least in part, from (i) a sub-block of the data, and (ii) at least one other check value in the progression, and wherein the first sub-block of data comprises at least one error-check value; using the at least one error-check value to detect a corruption of the integrity of the first sub-block of the data; recording detection of the corruption; and using the first check value and the at least one error-check value to verify the integrity of the second check value. - View Dependent Claims (17, 18, 19)
-
Specification