US2007168291A1PendingUtilityA1

Electronic negotiable documents

48
Assignee: LANDROCK PETERPriority: Feb 8, 1995Filed: Feb 20, 2007Published: Jul 19, 2007
Est. expiryFeb 8, 2015(expired)· nominal 20-yr term from priority
Inventors:Peter Landrock
H04L 9/3263G06Q 50/18G06Q 20/3825H04L 2209/608H04L 9/3247G06F 21/64H04L 2209/56G06Q 20/06G06Q 50/188G06Q 20/04G06Q 10/10G06F 21/6209G07F 7/1016G06F 2221/2153H04L 9/3297G06Q 20/0425
48
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method of electronically issuing an electronic negotiable document (END) includes the steps of creating as data an END and storing this in tamper-resistant document carrier hardware containing a unique public-secret key pair for signing and verifying, and a unique document-carrier identifier; signing the unique document-carrier identifier; the END and an END identifier using the secret key of the public-secret key pair; and storing a result of that signing in the tamper-resistant document-carrier hardware, such that the secret key is not accessible to an owner of the tamper-resistant document carrier hardware.

Claims

exact text as granted — not AI-modified
1 . A method of electronically issuing an electronic negotiable document (END), the method comprising: 
 creating as data an END and storing this in tamper-resistant document carrier hardware, the document carrier hardware containing a unique public-secret key pair for signing and verifying, and a unique document-carrier identifier;    signing the unique document-carrier identifier, the END and an END identifier using the secret key of the public-secret key pair; and    storing a result of said signing in said tamper-resistant document-carrier hardware, such that said secret key is not accessible to an owner of said tamper-resistant document carrier hardware.    
   
   
       2 . A method as claimed in  claim 1  wherein said result of said signing comprises a digital signature, and wherein said digital signature is only accessible by other said tamper-resistant document carrier hardware, encrypted by a public key of said other tamper-resistant document carrier hardware.  
   
   
       3 . A method as claimed in  claim 2  wherein said encrypted digital signature is only accessible once.  
   
   
       4 . A method according to  claim 1  of issuing an END, further comprising generating a time stamp representing the time of issue and storing this with the END in the tamper-resistant document carrier hardware before the signing step, and including the step of calculating a hash value of one or both of the END and the time stamp value and storing this hash value instead of the full END in the tamper-resistant document carrier hardware, before the said signing step.  
   
   
       5 . A method according to  claim 1  of issuing an END, in which the document carrier hardware stores a negotiability status flag indicative of whether the END stored therein is negotiable or non-negotiable, and including the step of setting the flag to “negotiable” after the result of the encryption has been stored in the document carrier hardware.  
   
   
       6 . A method according to  claim 1  of issuing an END, in which the document carrier hardware includes a counter for counting a serial number, indicative of the number of times that the END has been negotiated since issue, and comprising the step of setting the counter to zero after the result of the encryption has been stored in the document carrier hardware.  
   
   
       7 . Tamper-resistant document carrier hardware adapted to store an END in accordance with the method of  claim 1 , said hardware comprising read only software for controlling the steps of storing the END, encrypting the END and other data with said secret key, and storing the result in a memory.  
   
   
       8 . A method of electronically negotiating an END between a seller and a buyer, said seller and said buyer each possessing tamper-resistant document carrier hardware having its own public-secret key pair, the method comprising: 
 providing an END stored in tamper-resistant document carrier hardware of a seller in the form of END data with a signature generated by a secret key of a document carrier of the issuer of the END, and with a negotiability status flag indicative of whether the END is currently negotiable from said tamper-resistant document carrier hardware of said seller, said tamper-resistant document carrier hardware of said seller having its own public-secret key and being configured such that said secret key of said public-secret key pair is not accessible to said seller;    establishing mutual recognition between said seller and a buyer using one or more predetermined protocols between said tamper-resistant document carrier hardware of said seller and tamper-resistant document carrier hardware of said buyer, said tamper-resistant document carrier hardware of said buyer having its own public-secret key and being configured such that said secret key of said public-secret key pair is not accessible to said buyer;    verifying in said tamper-resistant document carrier hardware of said seller that said negotiability status flag is “negotiable” and aborting the negotiation if not;    sending said public key of said tamper-resistant document carrier hardware of said buyer to said tamper-resistant document carrier hardware of said seller;    using said public key of said tamper-resistant document carrier hardware of said buyer in said tamper-resistant document carrier hardware of said seller to encrypt a message comprising said signature, said END and said negotiability status flag;    sending said encrypted message to said tamper-resistant document carrier hardware of said buyer;    decrypting said encrypted message in said tamper-resistant document carrier hardware of said buyer using said secret key of said tamper-resistant document carrier hardware of said buyer; and    setting a negotiability status flag for said END in said tamper-resistant document carrier hardware of said buyer and said seller respectively to “negotiable” and “non-negotiable”.    
   
   
       9 . A method according to  claim 8  in which said tamper-resistant document carrier hardware of each of said buyer and said seller carries a digital certificate comprising a digital signature of a unique identifier and of said public key of said tamper-resistant document carrier hardware, the method further comprising sending said digital certificate of said tamper-resistant document carrier hardware of said buyer to said tamper-resistant document carrier hardware of said seller, authenticating said digital certificate of said tamper-resistant document carrier hardware of said buyer, and aborting said negotiation if said authenticating fails.  
   
   
       10 . A method according to  claim 9  in which a digital certificate unique to document carrier hardware on which said END was originally issued is stored with said END in said tamper-resistant document carrier hardware of said seller.  
   
   
       11 . A method according to  claim 8  further comprising, prior to said negotiating of said END, electronically issuing said END by: 
 creating as data an END and storing this in tamper-resistant document carrier hardware, the document carrier hardware containing a unique public-secret key pair for signing and verifying, and a unique document-carrier identifier;    signing the unique document-carrier identifier, the END and an END identifier using the secret key of the public-secret key pair; and    storing a result of said signing in said tamper-resistant document-carrier hardware, such that said secret key is not accessible to an owner of said tamper-resistant document carrier hardware.    
   
   
       12 . A method according to  claim 8  wherein said END has a predetermined period of validity, the method further comprising: 
 inhibiting recovery of a lost END until expire of said predetermined period of validity of the END; and    after said expire performing one or both of:    recovering negotiation of an END which has previously broken down, by providing said tamper-resistant document carrier hardware of said buyer with said secret key of said tamper-resistant document carrier hardware of said buyer which is not accessible to said buyer, reproduced by an issuer of said secret key or by a trusted third party; and    recovering an END lost from primary said tamper-resistant document carrier hardware, by activating back-up tamper-resistant document carrier hardware which has previously been provided with back-up data reproduced from said primary tamper-resistant document carrier hardware.    
   
   
       13 . A method of electronically negotiating an END between a seller and a buyer, said seller and said buyer each possessing tamper-resistant document carrier hardware having its own public-secret key pair, the method comprising: 
 providing an END stored in tamper-resistant document carrier hardware of a seller in the form of END data with a signature generated by a secret signing-key of a document carrier of the issuer of said END, and a serial number counter indicative of a number of times that said END has been negotiated since issue, said tamper-resistant document carrier hardware of said seller having its own public-secret key and being configured such that said secret key of said public-secret key pair is not accessible to said seller;    establishing mutual recognition between said seller and said buyer using one or more predetermined protocols between said tamper-resistant document carrier hardware of said seller and tamper-resistant document carrier hardware of said buyer, said tamper-resistant document carrier hardware of said buyer having its own public-secret key and being configured such that said secret key of said public-secret key pair is not accessible to said buyer;    verifying in said tamper-resistant document carrier hardware of said seller that said END, if it has been stored previously in said tamper-resistant document carrier hardware of said seller, has a different counter value this time and is therefore negotiable;    sending said public key of said tamper-resistant document carrier hardware of said buyer to said tamper-resistant document carrier hardware of said seller;    using said public key of said tamper-resistant document carrier hardware of said buyer in said tamper-resistant document carrier hardware of said seller to encrypt a message comprising said signature, said END and a value of said counter;    sending said encrypted message to said tamper-resistant document carrier hardware of said buyer;    decrypting said encrypted message in said tamper-resistant document carrier hardware of said buyer using said secret key of said tamper-resistant document carrier hardware of said buyer; and    incrementing said counter by one.    
   
   
       14 . A method according to  claim 13  wherein said END has a predetermined period of validity, the method further comprising: 
 inhibiting recovery of a lost END until expire of said predetermined period of validity of the END; and    after said expire performing one or both of:    recovering negotiation of an END which has previously broken down, by providing said tamper-resistant document carrier hardware of said buyer with said secret key of said tamper-resistant document carrier hardware of said buyer which is not accessible to said buyer, reproduced by an issuer of said secret key or by a trusted third party; and    recovering an END lost from primary said tamper-resistant document carrier hardware, by activating back-up tamper-resistant document carrier hardware which has previously been provided with back-up data reproduced from said primary tamper-resistant document carrier hardware.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.