US2006288216A1PendingUtilityA1
Long-term secure digital signatures
Est. expiryMar 4, 2023(expired)· nominal 20-yr term from priority
H04L 9/3297H04L 9/3247H04L 9/3234H04L 2209/60G06F 17/00H04L 9/32G06F 15/00
42
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
The present invention relates to digitally signing of electronic documents which are to be kept secure for a very long time, thereby taking into account future cryptographic developments which could render current cryptographic key-lengths insufficient. In accordance with the invention a double signature is issued for each document. A first digital signature (DTS) ensures the long time security, whilst a second digital signature (DUS) ensures the involvement of an individual user. Thereby, the second digital signature is less computationally intensive in its generation than the first digital signature.
Claims
exact text as granted — not AI-modified1 . A method comprising: digitally signing an electronic document for long term security purposes, the step of digitally signing comprising the steps of:
marking electronic document with a digital mark forming a marked electronic document, and signing the marked electronic document with a first digital signature forming a signed electronic document, wherein the signed electronic document is signed with a second digital signature that is less computationally intensive in its generation than the first digital signature.
2 . The method according to claim 1 , further comprising
generating the digital mark to be dependent upon the content of the electronic document; and generating the first digital signature using the digital mark.
3 . The method according to claim 1 , further comprising
providing the electronic document and the first digital signature to a client computer; and using a cryptographic token to generate the second digital signature that depends on the content of the electronic document and the first digital signature.
4 . The method according to claim 3 , wherein the cryptographic token is related to at least one of an individual user and a user group.
5 . The method according to claim 1 , wherein the digital mark comprises a unique number that is at least one of a sequence number, a timestamp, and a value derived thereof.
6 . The method according to claim 1 , wherein the second digital signature is based on a shorter cryptographic key then the first digital signature.
7 . The method according to claim 1 , further comprising signing the signed electronic document additionally with a third digital signature.
8 . A method according to claim 1 , further comprising: employing a computer device for performing the signing of the second digital signature.
9 . The method according to claim 8 wherein the computer device comprising an electronic smart card reader for reading a smart card.
10 . A system for digitally signing an electronic document for long term security purposes, the system comprising:
a document repository for storing and providing the electronic document; a digital signature computing device connected to the document repository for deriving from a digital mark and the electronic document a first digital signature; and a cryptographic device for generating a second digital signature that is less computationally intensive in its generation than the first digital signature.
11 . The system according to claim 10 , wherein the digital signature computing device comprises a tamperproof clock.
12 . The system according to claim 1 , wherein the cryptographic device comprises an internal clock for verifying a predefined time-interval between the issuance of the digital mark signature and the second digital signature.
13 . The system according to claim 10 , used for verifying the digital signed electronic document using a first public key corresponding to the first digital signature and a second public key corresponding to the second digital signature.
14 . A method comprising verifying an electronic document that has been digitally signed by a first digital signature using a digital mark, and signed by a second digital signature forming a digitally signed electronic document, the step of verifying comprising the step of:
verifying a validity of the digitally signed electronic document by using a first public key corresponding to the first digital signature and a second public key corresponding to the second digital signature, said second digital signature being less computationally intensive in its generation than the first digital signature.
15 . The method according to claim 14 , further comprising:
generating the digital mark to be dependent upon the content of the electronic document; and generating the first digital signature using the digital mark.
16 . An article of manufacture comprising a computer usable medium having computer readable program code means embodied therein for causing functions of signing an electronic document, the computer readable program code means in said article of manufacture comprising computer readable program code means for causing a computer to effect the steps of:
marking electronic document with a digital mark forming a marked electronic document, and signing the marked electronic document with a first digital signature forming a signed electronic document, wherein the signed electronic document is signed with a second digital signature that is less computationally intensive in its generation than the first digital signature.
17 . A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for signing an electronic document, said method steps comprising the steps of claim 1 .
18 . A computer program product comprising a computer usable medium having computer readable program code means embodied therein for causing functions of a system for digitally signing an electronic document, the computer readable program code means in said computer program product comprising computer readable program code means for causing a computer to effect the functions of;
a document repository for storing and providing the electronic document; a digital signature computing device connected to the document repository for deriving from a digital mark and the electronic document a first digital signature; and a cryptographic device for generating a second digital signature that is less computationally intensive in its generation than the first digital signature.
19 . An article of manufacture comprising a computer usable medium having computer readable program code means embodied therein for causing verification of an electronic document, the computer readable program code means in said article of manufacture comprising computer readable program code means for causing a computer to effect the steps of claim 14 .
20 . A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for verifying an electronic document, said method steps comprising the steps of claim 14.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.