Transactions such as commercial, official, and personal ones are increasingly being conducted electronically by means of data exchanged over public telecommunication channels. While the data is in transit or stored in insecure storage, it is vulnerable to unauthorized access, tampering or corruption. Thus its confidentiality and integrity may be compromised. Also, when data received is claimed to originate from a given entity, its authenticity may not be assured. These concerns are particularly acute with the rapid ascendency of the Internet as a popular and global data communication channel, specially when it is well known to be an inherently insecure communication medium.
Thus, secure data considerations includes confidentiality, integrity and authentication.
Data confidentiality is to ensure that the data is only accessible to its intended recipient. It can be accomplished by encryption techniques as disclosed in U.S. Pat. Nos. 5,412,729 and 5,539,827.
Data integrity is to ensure that the retrieved data is identical to the original data. For example, financial institutions such as banks regularly exchange financial data electronically. It is of critical importance that the exchanged data is not corrupted or tampered with, and in the event it is so, that it be easily and quickly detected.
Data authenticity, on the other hand, is to ensure that the retrieved data is truly from the professed owner and not from an imposter. For example, currently the large amount of fraudulently used credit cards demands an expedient and reliable authentication system.
Thus, there is a need for improved data integrity detection and authentication systems.