Logging system and method based on one-way hash function

US 8,386,774 B2
Filed: 12/17/2008
Issued: 02/26/2013
Est. Priority Date: 03/04/2008
Status: Active Grant

First Claim

Patent Images

1. A logging system based on a one-way hash function, comprising:

a user system, for recording a log file, initializing a message authentication code (MAC) key and an image code, adding a logging unit in the log file according to an event verification request, using the one-way hash function to generate a check value and generating an event verification response according to the check value and an image code sequence;

a verifier, for transmitting the event verification request to the user system and after receiving the event verification response, using the one-way hash function to check the correctness of the received image code sequence from the user system; and

a trusted third party, for receiving the initialized MAC key from the user system, receiving the check value and the image code sequence from the verifier, calculating a latest MAC key according to the initialized MAC key and the image code sequence, using the one-way hash function to check the correctness of the check value and the image code sequence and returning a log of a verification succeeded message to the user system if the image code sequence obtained by the hash calculation equals to the check value;

wherein the trusted third party is controlled by a first company, the verifier is controlled by a second company, the first company is different from the second company, and datum transmitted among the verifier, the user system and the trusted third party are unencrypted.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A logging system and method based on a one-way hash function are described. The system includes a user system, a trusted third party, and a verifier. The method includes the following steps. The user system records a log file and initializes a message authentication code key and an image code. When the verifier requests the user system for a logging unit corresponding to an operation history, the user system uses a one-way hash function to calculate a check value and returns the check value and an image code sequence. The verifier then verifies the integrity of the check value and the image code sequence through the trusted third party. The trusted third party checks if the image code sequence obtained by the hash calculation equals to the check value through the one-way hash function, so as to verify that the log file of the user system has not been modified.

6 Citations

View as Search Results

17 Claims

1. A logging system based on a one-way hash function, comprising:
- a user system, for recording a log file, initializing a message authentication code (MAC) key and an image code, adding a logging unit in the log file according to an event verification request, using the one-way hash function to generate a check value and generating an event verification response according to the check value and an image code sequence;
  
  a verifier, for transmitting the event verification request to the user system and after receiving the event verification response, using the one-way hash function to check the correctness of the received image code sequence from the user system; and
  
  a trusted third party, for receiving the initialized MAC key from the user system, receiving the check value and the image code sequence from the verifier, calculating a latest MAC key according to the initialized MAC key and the image code sequence, using the one-way hash function to check the correctness of the check value and the image code sequence and returning a log of a verification succeeded message to the user system if the image code sequence obtained by the hash calculation equals to the check value;
  
  wherein the trusted third party is controlled by a first company, the verifier is controlled by a second company, the first company is different from the second company, and datum transmitted among the verifier, the user system and the trusted third party are unencrypted.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The logging system as claimed in claim 1, wherein the image code is generated by the use of the one-way hash function according to the image code sequence and a timestamp and event context.
  - 3. The logging system as claimed in claim 1, wherein the log file comprises a plurality of other logging units, a content of one of the logging units is selected from among an event number, a timestamp, an event context, and an other image code.
  - 4. The logging system as claimed in claim 3, wherein the image code sequence is comprised of the image codes of the logging units.
  - 5. The logging system as claimed in claim 3, wherein after recording the logging units, the user system updates the MAC key by the use of an MAC function according to the image code of the finally recorded logging unit and a preceding MAC key.
  - 6. The logging system as claimed in claim 1, wherein after updating the MAC key, the user system transmits the updated MAC key to the trusted third party.
  - 7. The logging system as claimed in claim 1, wherein when closing the log file, the user system further calculates a new check value by the use of the one-way hash function according to the MAC key at that time and deletes all the MAC keys.

8. A logging method based on a one-way hash function, for recording and verifying an operation log of a user system, comprising:
- initializing a message authentication code (MAC) key and an image code in the user system recording a log file;
  
  transmitting the initialized MAC key from the user system to a trusted third party;
  
  adding a logging unit according to an operation history and updating the logging unit into the log file when the user system receives an event verification request from a verifier;
  
  using a one-way hash function to calculate so as to generate a check value and an image code sequence serving as an event verification response according to the event verification request;
  
  transmitting the check value and the image code sequence from the user system to the verifier;
  
  using the one-way hash function to check a correctness of the image code sequence corresponding to the event verification request after the verifier receives the check value and the image code sequence;
  
  transmitting the received check value and the checked image code sequence from the verifier to the trusted third party; and
  
  using the one-way hash function to check the correctness of the check value and the image code sequence after the trusted third party receives the check value and the image code sequence and returning a log of a verification succeeded message to the user system if the image code sequence obtained by the hash calculation equals to the check value;
  
  wherein the trusted third party is controlled by a first company, the verifier is controlled by a second company, the first company is different from the second company, and datum transmitted among the verifier, the user system and the trusted third party are unencrypted.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 9. The logging method as claimed in claim 8, wherein the step of adding the logging unit further comprises:
    - generating the logging unit according to a time when the user system operates; and
      
      recording the logging unit at the end of the log file.
  - 10. The logging method as claimed in claim 8, wherein a content of the logging unit is selected from among an event number, a timestamp, event context, and the image code.
  - 11. The logging method as claimed in claim 10, wherein the step of adding the logging unit further comprises updating the image code, and the image code is generated by the use of the one-way hash function according to the image code sequence and the timestamp and the event context.
  - 12. The logging method as claimed in claim 8, wherein the log file comprises other logging units, and the image code sequence is comprised of the image codes of the logging units.
  - 13. The logging method as claimed in claim 8, wherein after recording the added logging unit, the user system updates the MAC key by the use of an MAC function according to the image code of the finally recorded logging unit.
  - 14. The logging method as claimed in claim 8, wherein the step of receiving the event verification request further comprises:
    - generating a new logging unit according to the event verification request and recording the new logging unit into the log file;
      
      calculating the MAC key corresponding to the logging unit of the event verification request; and
      
      using the one-way hash function to calculate the check value and transmitting the check value, the logging units corresponding to events to be verified by the event verification request, the initialized image code, and the image code sequence to the verifier.
  - 15. The logging method as claimed in claim 8, wherein the step of using the one-way hash function to check the correctness of the image code corresponding to the event verification request comprises:
    - respectively substituting event numbers, timestamps, event contexts, and corresponding image code sequences of multiple events to be verified by the event verification request into the one-way hash function operation; and
      
      comparing the operation results to determine if matching the image codes of the events to be verified and recording a log of the comparison result.
  - 16. The logging method as claimed in claim 8, wherein after updating the MAC key, the user system transmits the updated MAC key to the trusted third party.
  - 17. The logging method as claimed in claim 8, wherein when closing the log file, the user system further calculates a new check value by the use of the one-way hash function according to the MAC key at that time and deletes all the MAC keys.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Industrial Technology Research Institute
Original Assignee
Industrial Technology Research Institute
Inventors
Lin, Chih-Yin
Primary Examiner(s)
TRAN, ELLEN C

Application Number

US12/337,367
Publication Number

US 20090228701A1
Time in Patent Office

1,532 Days
Field of Search

713/155, 713/179, 713/180, 713/181
US Class Current

713/155
CPC Class Codes

H04L 9/083   involving central third par...

H04L 9/321   involving a third party or ...

H04L 9/3242   involving keyed hash functi...

H04L 9/3297   involving time stamps, e.g....

Logging system and method based on one-way hash function

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

6 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Logging system and method based on one-way hash function

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

6 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links