[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

EPA-patent auf Extra-Info bei digitalen Signaturen



EP0328232 B1 
Public key/signature cryptosystem with enhanced digital signature certification. 
FISCHER ADDISON M


   Claims
   
   1. In a communications system having a plurality of terminal devices
   (Terminals A to N) coupled to an insecure communications channel (12)
   over which users of said terminal devices may exchange private
   messages, each of said user's having a public key (30) and an
   associated private key (32), an improved method of digitally signing
   and certifying a message to be transmitted characterized by the steps
   of:
   formulating at least a portion of a digital message (20);
   digitally signing said message (40); and
   including within said message an authorizing certificate (28, 116)
   which specifies the authority which has been granted to the signer of
   said message.
   2. A method according to claim 1, further including the step of
   providing at least one field in said message identifying the nature of
   the digital data being transmitted (22).
   3. A method according to claim 1, wherein the formulating step
   includes the step of providing a field allowing the user to insert a
   predetermined comment (26) regarding the data being transmitted.
   4. A method according to claim 1, further including the step of
   applying a hashing function (34) to at least a portion of the message
   to be transmitted to form a presignature hash (36); and wherein said
   digitally signing step includes the step of decrypting said
   presignature hash with said private decrypting key (32) to form said
   digital signature.
   5. A method according to claim 4, further including the step of
   forming a digital signature packet (42) comprising the digital
   signature and a representation of said at least a portion of the
   message to be transmitted.
   6. A method according to claim 1, wherein said authorizing certificate
   (116) defines the cosignature requirements which must accompany the
   signer's signature.
   7. A method according to claim 6, wherein a digital signature by a
   third party indicating approval of the user's signature is required
   (116) thereby defining a counter signature requirement.
   8. A method according to claim 7, wherein the third party countersigns
   (86) by digitally signing the sender's digital signature.
   9. A method according to claim 6, wherein the step of defining
   cosignature requirements includes the step of specifying at least one
   other digital signature which is required to appear in the digital
   message thereby defining a joint signature requirement (116).
   10. A method according to claim 1, wherein said authorizing
   certificate defines limitations as to the authority granted by the
   certificate (116).
   11. A method according to claim 10, further including the step of
   setting a monetary limit for the sender.
   12. A method according to claim 1, wherein said authorizing
   certificate includes at least one field indicative of the degree of
   responsibility delegated to the sender.
   13. A method according to claim 1, wherein said authorizing
   certificate defines a hierarchy of certificates within the transmitted
   message such that a recipient of the message can verify the authority
   of the signer based upon an analysis of the signed message.
     _________________________________________________________________
   
   Data supplied from the esp@cenet database - l2


_______________________________________________
Patents maillist  -  Patents@liberte.aful.org
http://liberte.aful.org/mailman/listinfo/patents