1. Field of the Invention
The present invention relates generally to methods for providing a verifiable chain of evidence and security for the conversion of an original paper document into an authenticated, original electronic information object in digital format.
2. Description of the Background
The continuing evolution of the methods of commerce is evident in the increasing replacement of paper-based communications with electronic communications. When communication is by electronically reproduced messages such as e-mail, facsimile machine, imaging, electronic data interchange or electronic fund transfer, there no longer exists a signature or seal to authenticate the identity of a party to a transaction. Moreover, such electronic communication methods result in the production of multiple, identical copies of such messages, which make it unclear as to which of such copies, if any, is to be considered the “original” authoritative version, for all purposes.
To address these problems, a trusted repository electronic vault authentication system (the “Trusted Repository”) has been described that provides the needed security and protection during creation and ongoing maintenance of electronic documents and other information objects, and that advantageously utilizes an asymmetric cryptographic system to help ensure that a party originating an information object is electronically identifiable as such. As an initial matter, it will be helpful to understand the following terminology that is common in the field of secure electronic commerce and communications.
“Public key cryptography (PKC)” uses pairs of cryptographic “keys”, each pair having a private (secret) key and a public key that are associated with respective registered users. The public keys are published for anyone to use for encrypting information intended for the respective users. Only the holder of the paired private key can read information, i.e., an electronic document or more generally an information object that was encrypted using the respective public key. Conversely, an electronic document that is “digitally signed” using a user's private key can be verified as that user's by anyone who knows the user's public key. The encrypt and decrypt functions of both keys are truly “one-way”, meaning that no one can determine a private key from the corresponding public key, and vice versa, which in popular PKC systems is due to the fact that, at least currently, finding large prime numbers is computationally easy but factoring the products of two large prime numbers is computationally difficult. Example PKC algorithms, which comply with applicable government or commercial standards, are the digital signature algorithm (DSA/RSA) and secure hash algorithm (SHA-2/MD5).
Various aspects of public-key cryptographic (PKC) systems are described in the literature, including R. L. Rivest et al., “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communications of the ACM vol. 21, pp. 120-126 (February 1978); M. E. Hellman, “The Mathematics of Public-Key Cryptography”, Scientific American, vol. 234, no. 8, pp. 146-152, 154-157 (August 1979); and W. Diffie, “The First Ten Years of Public-Key Cryptography”, Proceedings of the IEEE, vol. 76, pp. 560-577 (May 1988). It can also be noted that for a PKC system, as for other cryptographic systems, the system's strength, i.e., the computational effort needed to break an encrypted message, depends to a great extent on the length of the key, as described in C. E. Shannon, “Communication Theory of Secrecy Systems”, Bell Sys. Tech. J. vol. 28, pp. 656-715 (October 1949).
A “digital signature” is an unforgeable data element, which is logically associated, applied or attached to an electronic document or other information object with the intent or commitment of the signer to sign or otherwise be bound by the terms of the electronic document or other information object. A digital signature is typically created by “hashing” the electronic document, encrypting the resulting hash (integrity block) using the user's private (secret) key, and appending the encrypted hash to the electronic document or other information object.
An “electronic signature” is one of the mechanical, holographic, digital, voice or biometric signatures, or such other electronic sound, symbol(s), or process which is logically associated, applied or attached to an electronic document with the intent or commitment of the signer to sign or otherwise be bound by the terms of the electronic document.
An “authentication certificate” is an unforgeable digitally signed data element that binds a user's public key to the user's identity information and that advantageously, but not necessarily, conforms to the international standard X.509 version 3, “The Directory-Authentication Framework 1988”, promulgated by the International Telecommunications Union (ITU). Each authentication certificate includes the following critical information needed in the signing and verification processes: a version number, a serial number, an identification of the Certification Authority (CA) that issued the certificate, identifications of the issuer's hash and digital signature algorithms, a validity period, a unique identification of the user who owns the certificate, and the user's public cryptographic signature verification key. Authentication certificates are issued and digitally signed by a CA that is responsible for ensuring the unique identification of all users.
An authentication certificate is a digital “ID”, much like a driver's license or other documentation that is used to verify a person's identity. The original information object public key infrastructure can use the X.509v3 certificate that is based on an ISO/ITU standard, as interpreted by the Internet Engineering Task Force (IETF) Public Key Infrastructure X.509 (PKIX) recommendations. These certificates are digitally signed by the issuing Certification Authority, which ensures both content and source integrity. The act of digitally signing makes the certificates substantially tamper-proof, and therefore further protection is not needed. The intent of the certificate is to reliably associate (bind) a user's name to the user's public cryptographic key. The strength of protection equates directly to the strength of the algorithm and key size used in creating the issuer's digital signature (hash and digital signature algorithms). A certificate therefore securely identifies the owner of the public key pair, which is used to provide authentication, authorization, encryption, and non-repudiation services. A typical certificate has the following form: [Version, Serial No., Issuer Algorithm (Hash & Digital Signature), Issuer Distinguished Name (DN), Validity Period, Subject DN, Subject Public Key Info, Issuer Unique Identifier (optional), Subject Unique Identifier (optional), Issuer Public Key, Extensions (e.g., Subject Alt Name), Issuer Digital Signature]. A unique DN is formed by concatenating specific information (e.g., country, locality, organization, organization unit, e-mail address, common name).
Certificate extensions can also be used as a way of associating additional attributes with users or public keys, and for managing the public key infrastructure certificate hierarchy. Guidance for using extensions is available in the recommendations of ITU X.509v3 (1993)/ISO/IEC 9594-8:1995, “The Directory: Authentication Framework” or in IETF Internet X.509 Public Key Infrastructure Certificate and CRL Profile <draft-ietf-pkix-ipki-part1-11>.
A user's authentication certificate is advantageously and preferably appended to an electronic document or other information object with the user's digital signature so that it is possible to verify the digital signature.
“Public Key Infrastructure (PKI)” is the hierarchy of CAs responsible for issuing authentication certificates and certified cryptographic keys used for digitally signing and encrypting information objects. Certificates and certification frameworks are described in C. R. Merrill, “Cryptography for Commerce—Beyond Clipper”, The Data Law Report, vol. 2, no. 2, pp. 1, 4-11 (September 1994) and in the X.509 specification, which are expressly incorporated by reference in this application.
A “lock flag” is one of the meta data properties of an information object and is used by computing systems to ensure the complete performance of system actions which comprise a series of steps. When a system user requests that a system action be performed against an information object and that system action is comprised of a series of steps that must be performed by the system on the information object, the lock flag is populated by the system with an identifier for the system action. Any time the system attempts to take an action on an information object, the information object's lock flag is checked. If the lock flag contains an identifier, the identifier is verified to confirm that the attempted action is part of the series of steps corresponding to the identifier. If the identifier and the attempted action are associated, the action is allowed to proceed with respect to the information object. If the identifier and the attempted action are not associated, the attempted action is blocked by the system and the user is notified of an error. When the final action in the series of steps of the system action identified by the lock flag is complete, the system removes the identifier from the lock flag, thereby “unlocking” the information object for future system actions.
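The lock-flag check described above can be sketched as follows. This is an added example, not code from the patent or from any Trusted Repository implementation; the action names, step names, and the rule that a step may run only while a system action is in progress are assumptions.

```python
class LockError(Exception):
    """Attempted action blocked by the information object's lock flag."""


# Hypothetical system actions and their step series (names are assumptions).
SYSTEM_ACTIONS = {
    "DEPOSIT": ("scan", "hash", "sign", "store"),
    "TRANSFER": ("verify_owner", "reassign", "log"),
}


class InformationObject:
    def __init__(self, name):
        self.name = name
        self.lock_flag = None   # metadata property; None means unlocked
        self.performed = []     # audit trail of steps that were allowed


def begin_action(obj, action_id):
    """User requests a multi-step system action: populate the lock flag."""
    if action_id not in SYSTEM_ACTIONS:
        raise LockError(f"unknown system action {action_id!r}")
    if obj.lock_flag is not None:
        raise LockError(f"{obj.name} is locked by {obj.lock_flag}")
    obj.lock_flag = action_id


def attempt(obj, step):
    """Check the lock flag before acting; unlock after the final step."""
    action_id = obj.lock_flag
    if action_id is None:
        # Assumption: steps run only inside a requested system action.
        raise LockError(f"{step!r} attempted with no system action in progress")
    steps = SYSTEM_ACTIONS[action_id]
    if step not in steps:
        # Identifier and attempted action are not associated: block and report.
        raise LockError(f"{step!r} is not part of {action_id}; {obj.name} stays locked")
    obj.performed.append((action_id, step))
    if step == steps[-1]:
        obj.lock_flag = None    # final step complete: remove the identifier


def demo():
    obj = InformationObject("note-001")   # constructed sample object
    begin_action(obj, "DEPOSIT")
    attempt(obj, "scan")
    try:
        attempt(obj, "reassign")          # belongs to TRANSFER, not DEPOSIT
        blocked = False
    except LockError:
        blocked = True
    flag_mid = obj.lock_flag
    for step in ("hash", "sign", "store"):
        attempt(obj, step)
    return blocked, flag_mid, obj.lock_flag, len(obj.performed)
```

The check tests membership in the step series only, as the text describes; it does not enforce step order.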
As described in U.S. Pat. Nos. 5,615,268, 5,748,738, 6,237,096, 6,367,013, 7,162,635, 7,743,248, and 8,924,302 to Bisbee et al., an original electronic document or information object having the same legal weight as a blue-ink-signed paper document (e.g., a negotiable instrument) is made possible by contract and by the PKI and associated computer technology. An electronic document, or more generally an information object, is created and transferred to a third-party Trusted Repository that is specifically designed and empowered by contract to securely and reliably store any such object for its full effective life. The contractual aspect is an agreement between the Trusted Repository and the party submitting or relying on the electronically signed information object to accept reliance on the Trusted Repository as the custodian of the information objects. To do this the Trusted Repository creates a single copy of an electronic document or information object stored in the electronic vault, which copy is designated by the parties as the authoritative copy, and maintains a custody chain for securely storing such authoritative original electronic information objects without the Trusted Repository ever relinquishing control of the authoritative original electronic information object. This is necessary for compliance with electronic transaction laws more fully discussed below, and a third-party operated Trusted Repository has been described that provides the needed security and protection of electronic documents. The Trusted Repository advantageously utilizes an asymmetric cryptographic system that helps to ensure that a party originating an electronic document for deposit into the Trusted Repository is identifiable as such and that protects the integrity of electronically stored documents and other information objects during and after origination.
This Trusted Repository is one aspect of the present method for secure transmission, storage, and retrieval of information objects and is described in U.S. Pat. Nos. 5,615,268, 5,748,738, 6,237,096, 6,367,013 and 7,020,645 to Bisbee et al. which are expressly incorporated herein by reference.
The Trusted Repository implements defined business rules for the transactions handled by the Trusted Repository (i.e., a complete set of authorized actions). The Trusted Repository also implements a defined security policy (i.e., a set of protective measures that is necessary to prevent unauthorized actions). The Trusted Repository uses its business rules and security policy to govern transaction requests and access to the repository over the respective life cycles of all documents and information objects within its control, verifying the identities and authorities of parties (local and remote) requesting repository services. The Trusted Repository securely stores and securely retrieves digitally signed, authenticated, and encrypted electronic documents or information objects. Upon request, the Trusted Repository prints and issues certified copies of electronic documents or information objects. The Trusted Repository advantageously supports a multi-port token server for proving document authenticity, for verifying the identities of signing and accessing parties, and for authenticating document submissions. The Trusted Repository provides for backup and disaster recovery, and ensures that stored information is not lost within a specified retention period, whether that period is specified by a user, law, or regulation.
A “signature block” includes at least two components: signer information and certificate information. Signer information contains the hash of the information object(s) (i.e., its content) with an authenticated attribute, electronic signature, and unauthenticated attribute appended. The authenticated attribute field contains pertinent additional information relating to the act of signing and is protected by the signer's electronic signature. A hash is computed over both the information object(s)' hash and authenticated attribute fields and encrypted using the signer's private key, thereby creating a digital signature. The unauthenticated attribute can be used to convey additional information to the Trusted Repository and/or by the Trusted Repository to the information object when the signature arrives at the Trusted Repository. Certificate information contains the signer's X.509 certificate. It may also contain some form of attribute certificate signed by a Trusted Repository recognized issuing authority. This attribute certificate is used to convey additional qualifying information about the signer that may be used by the business rules established for the Trusted Repository in making access control decisions.
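The signature block layout described above, as an added example that is not code from the patent: it shows that the signature covers the content hash and the authenticated attributes but not the unauthenticated ones. Assumptions: the field names, the constructed sample values, a dictionary standing in for the X.509 certificate (no chain validation is performed), and textbook RSA over a fixed demo key in place of a real padded signature scheme.

```python
import copy
import hashlib
import json

# Demo-only key: textbook RSA over two Mersenne primes, trivially factorable.
# Real systems use generated keys and a padded scheme such as RSASSA-PSS.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # signer's private exponent


def signed_digest(content_hash, auth_attrs):
    """Hash over the content hash plus the authenticated attribute fields."""
    blob = content_hash + json.dumps(auth_attrs, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")


def make_signature_block(content, auth_attrs):
    content_hash = hashlib.sha256(content).digest()
    return {
        "signer_info": {
            "content_hash": content_hash.hex(),
            "authenticated_attributes": auth_attrs,
            # Private-key operation on the combined hash = digital signature.
            "signature": pow(signed_digest(content_hash, auth_attrs), D, N),
            "unauthenticated_attributes": {},   # not covered by the signature
        },
        # Stand-in for the signer's X.509 certificate (constructed values).
        "certificate_info": {"subject_dn": "CN=Constructed Signer",
                             "public_key": [N, E]},
    }


def verify_signature_block(content, block):
    info = block["signer_info"]
    content_hash = hashlib.sha256(content).digest()
    if content_hash.hex() != info["content_hash"]:
        return False                            # content no longer matches
    n, e = block["certificate_info"]["public_key"]
    expected = signed_digest(content_hash, info["authenticated_attributes"])
    return pow(info["signature"], e, n) == expected


def demo():
    doc = b"constructed sample document"
    block = make_signature_block(doc, {"signing_time": "2020-01-01T00:00:00Z"})
    annotated = copy.deepcopy(block)            # repository adds a note
    annotated["signer_info"]["unauthenticated_attributes"]["received"] = "vault-1"
    backdated = copy.deepcopy(block)            # tampered signing time
    backdated["signer_info"]["authenticated_attributes"]["signing_time"] = "2019-01-01T00:00:00Z"
    return (verify_signature_block(doc, block),
            verify_signature_block(doc, annotated),
            verify_signature_block(doc, backdated),
            verify_signature_block(doc + b"!", block))
```

Adding an unauthenticated attribute leaves the block valid, while changing an authenticated attribute or the content makes verification fail.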
It is also important to note that a digital signature is not valid indefinitely but only during the validity period of its authentication certificate. The validity period of an authentication certificate is also not indefinite but typically is set so as to limit the chances for compromise of the digital signature, e.g., as a result of theft of the secret signature key or decreased cryptographic viability. Validity periods can be in the range of one year to three years, although other periods are also possible. A Trusted Repository's authentication certificate's validity period is normally longer than the validity period of a user's certificate, and the cryptographic strength of a Trusted Repository's certificate is normally stronger than that of a user's certificate. For these reasons and because of the Trusted Repository's verification of content integrity and of digital signature(s) and certificate(s) validity on receipt of an information object, the validity period of the Trusted Repository's digital signature as conveyed in the Trusted Repository's certificate may supersede, or extend, the validity period(s) of the received information object's digital signature(s), provided the Trusted Repository physically protects the received information object's contents from external tampering.
With all of the advantages of original electronic documents or information objects that are provided by the U.S. patents referenced above, one portion of the overall workflow that is prone to risk, at least in conventional systems, is the initial deposit of the authoritative electronic information object with the Trusted Repository. Copies of an information object that exist outside of the control of a Trusted Repository must not be able to be mistaken for the authoritative “original” information object. An original information object may be effective as a blue-ink-signed paper document when one or more digital signatures are applied during deposit into a Trusted Repository that reliably and securely stores original information objects for their full effective lives.
Electronic transaction laws include those such as Revised Article 9 of the Uniform Commercial Code (the “UCC”) which allows for the creation and maintenance of “Electronic Chattel Paper”—defined as Chattel Paper evidenced by a record or records consisting of information stored in an electronic medium. The UCC generally defines Chattel Paper as a record or records that evidence both a monetary obligation and a security interest in specific goods. In conventional processes, Chattel Paper consists of blue-ink-signed paper original documents. Often there are multiple copies of the Chattel Paper, with one of such copies marked as “original” and the others marked as “copy”. A party having the security interest in the Chattel Paper must have physical possession of the tangible original Chattel Paper to “perfect” their security interest—protecting that interest against claims of third parties to ensure the secured party collects on its interest before claims of third parties are considered.
Official Comments to the UCC discuss the business needs and contexts for converting blue-ink-signed paper original Chattel Paper into Electronic Chattel Paper (and vice versa) as well as the several requirements to establish “control” of the Electronic Chattel Paper, which is the electronic equivalent of possession of tangible Chattel Paper. Such requirements include the ability of the computing system and process for creating and maintaining the Electronic Chattel Paper to establish that “a single authoritative copy of the record [ . . . ] exists which is unique, identifiable, and [ . . . ] unalterable”, that each copy of the authoritative copy “is readily identifiable as a copy that is not the authoritative copy”, and that “any amendment of the authoritative copy is readily identifiable as an authorized or unauthorized revision”. U.C.C. § 9-105. Processes for deposit into a Trusted Repository of blue-ink-signed paper documents representing Chattel Paper may successfully establish a resulting authenticated electronic information object as the unique, identifiable, and unalterable authoritative copy—the “original” Electronic Chattel Paper—for all future intents and purposes.