1. Field of the Invention
The present invention is directed to securing digital data for storage and transmission and, more particularly, to a system for sealing computer data using a time stamp and encryption.
2. Description of the Related Art
There has been a tremendous upsurge in recent years in the exchange of data and information by computer, fax, telex and other electronic media. The growing use of electronic data processing in all fields, in light of the quality and quantity of the data processed, has created a whole new dimension in the demand for data security. As daily press reports indicate, this is especially true in the area of remote data transmission. For example, see xe2x80x9cInternet is Not Suitable for Sensitive Dataxe2x80x9d (xe2x80x9cInternet ist fxc3xcr sensible Daten nicht geeignetxe2x80x9d) in xc3x84rzte-Zeitung 14, No. 86, May 11, 1995, and xe2x80x9cDon""t Trust Anyone per Faxxe2x80x9d (xe2x80x9cTrau"" keinem xc3xcber Faxxe2x80x9d) in PraxisComputer No. 1, Feb. 10, 1995, p. 15.
The demand for data sealing, document authenticity and legally binding communications is becoming ever louder. It is only a matter of time until legislators devise applicable guidelines. The text of an interview with Dr. Winfried Schorre and Horst Seehofer on this subject, entitled xe2x80x9cMake Better Use of Scarce Resourcesxe2x80x9d (xe2x80x9cKnappe Ressourcen besser nutzenxe2x80x9d), appeared in PraxisComputer No. 5, Aug. 10, 1995, p. 36.
To illustrate the current situation, several possible opportunities for manipulation are described briefly below.
Example: Medicine
A surgeon dictates a post-operative report, which is then entered into the computer by administrative personnel. It is later found that the surgeon made a mistake: for example, removing a cataractous lens on the basis of a pre-operative diagnosisxe2x80x94but from the wrong eye. Afterward, the surgeon attempts to manipulate the pre-operative findings (cataractous left lens) to clear himself (cataractous right lens).
Example: Finance
Exchange-rate transactions are carried out at timepoint t1. At timepoint t2, the rate has dropped. Post-facto manipulation is undertaken to fraudulently avoid a loss.
Example: Research
Who was the first to document an invention?
Example: Law
A written record of testimony is made. For use in court, document authenticity is required.
Example: Data Exchange
A letter of discharge for a psychiatric patient is to be sent by modem to the patient""s family physician. The authenticity of the receiver must be ensured, and unauthorized access to confidential documents must be prevented. See: xe2x80x9cPledge of Secrecy and Data Networksxe2x80x9d (xe2x80x9cSchweigepflicht und Datennetzexe2x80x9d) in PraxisComputer No. 6, Oct. 15, 1994, p. 5.
The Federal Physical Technical Agency in Braunschweig broadcasts the time of day, as determined by a cesium clock, via radio waves from Mainflingen. The broadcast signals can be received within a radius of 1500 to 2000 km. For details, see xe2x80x9cDCF Reception Technologyxe2x80x9d (xe2x80x9cDCF Empfangstechnikxe2x80x9d) in ELV-Journal June 1994, pp. 27 ff.
Receiver modules for broadcast time signals have achieved a high technical level (as discussed in DesignandElectronik 10, May 16, 1995, No. 242: xe2x80x9cIndustrial Clocks in the Atomic Agexe2x80x9d (xe2x80x9cIndustrie-Uhren im Atomzeitalterxe2x80x9d)). Such receivers provide the date and time of day, referred to hereinafter as xe2x80x9cstandard time,xe2x80x9d on a minute by minute basis.
Time signals also exist in foreign countries, e.g., MSF (England) and WWVR (United States). Furthermore, a time signal is contained in the Global Positioning System (GPS, see below).
For as long as there has been information, there has been the desire to shield information from general access by encryption. The security of the key used correlates with the quality of the key algorithm.
Various encryption methods are available for protecting the secrecy of confidential data. These methods offer more or less data security, in keeping with their costs. A basic distinction is made between symmetrical methods (crypto procedures as per Feal, DES, etc.) and asymmetrical methods (RSA, PGP, etc.).
Various attempts to achieve document authenticity and legally binding communications have thus far yielded no satisfactory solution. The equivalence of a digital signature to a personal handwritten signature is the object of intensive research, as outlined in the articles xe2x80x9cCrypto Envyxe2x80x9d (xe2x80x9cCrypto-Neidxe2x80x9d) in c""t Magazin 1995, Vol. 6, p. 46 and xe2x80x9cSingle Chip Controllers for Crypto-Cardsxe2x80x9d (xe2x80x9cSingle-Chip-Controller fxc3xcr Kryptokartenxe2x80x9d) in DesignandElectronik 14/15, Jul. 18, 1995, No. 212. Compared with encryption alone, digital signatures offer a variety of advantages (Glade, A., Reimer, H., Struif, B.: xe2x80x9cThe Digital Signature and Security-Sensitive Applicationsxe2x80x9d (xe2x80x9cDigitale Signatur und sicherheits-sensitive Anwendungenxe2x80x9d), Wiesbaden 1995).
The post-facto vulnerability of electronic data to manipulation represents a problem that has not yet been solved. In the legal sense, a file becomes a document only by virtue of being published, including a date and signature. However, in view of the abundance of data and the speed with which data is produced and destroyed (data turnover), that method reaches the limits of the possible.
The growing exchange of data by computer, fax and other media, as well as the permanently increasing number of networks on the national and international lever (Internet, etc. See: xe2x80x9cInternet is Not Suitable for Sensitive Dataxe2x80x9d (xe2x80x9cInternet ist fxc3xcr sensible Daten nicht geeignetxe2x80x9d) in xc3x84rzte-Zeitung 14, No. 86, May 11, 1995), makes adequate measures for data security a necessity. For more information, see: xe2x80x9cDon""t Trust Anyone per Faxxe2x80x9d (xe2x80x9cTrau"" keinem xc3xcber Faxxe2x80x9d) in PraxisComputer No. 1, Feb. 10, 1995, p. 156, May 11, 1995 and xe2x80x9cData Keys, Foundations of Cryptology (xe2x80x9cDatenschlxc3x6sser, Grundlagen der Kryptologiexe2x80x9d) in c""t Magazin 1994, Vol. 8, pp. 230 ff.
An object of the invention is therefore to provide a method and a device for sealing electronic data that protect the sealed data against unauthorized access or manipulation and can be used in stationary operation (PCs, etc.) as well as during transport (fax, etc.).
Pursuant to this object, and others which will become subsequently apparent, one aspect of the present invention resides in a method for sealing digital data, whereby the digital data is provided with a time stamp of an internal time signal of an internal clock. The method includes the steps of receiving and evaluating an internal broadcast or a cable signal of an external time source, from which a standard time can be derived, comparing the standard time with the internal time signal of the internal clock, time stamping the digital data, if a time difference between the internal and external time signals lies within a given tolerance range, and encrypting the time-stamped digital data.
The object is achieved by incorporating, during the encryption process, a signal that contains the standard time and an authentication code. Decryption is carried out by the person or persons having the key, and the file is checked for possible modifications (manipulation).
The method and device described here ensure that access to the sealed data remains blocked, as a rule, and thus constitute a significant step toward document authenticity and legally binding communications (see FIG. 1: Data Flow Diagram).
For data transport, this means that the authenticity of transmitter and receiver is guaranteed, while unauthorized access to the transmitted data is prevented by the simultaneous encryption.
The method and device for sealing computer data by a combination of standard time incorporation, authentication and encryption thus protects the sealed data against unauthorized access or manipulation, both in the area of stationary electronic data processing (example: PC plug-in cards) and in that of remote data transmission (example: additional circuit boards).
To upgrade on the PC level, a plug-in card is favored. For data transmission devices, an additional or xe2x80x9cdaughterxe2x80x9d circuit board is preferred. Of course, technology attempts to miniaturize such circuits and compress them into the smallest possible area. It is also possible, particularly in new devices, to implement a user-specific IC (ASIC) solution, depending on the number of pieces produced. The device according to the invention can also be connected to a PC (i.e., to computers in general) by any desired interface (serial, parallel, PCMCIA adapter).
The components of the device and the method are shown in FIG. 3.
The device comprises electronic components that must perform the following tasks:
signal evaluation
signal check
provision of device identification number
encryption of received signal
manipulation check
Existing transmitter:
The transmitter provides date and time-of-day information. Along with time signal transmitters, other signal carriers such as satellites, TV cables, telephones and TV transmitters, can be used. In addition, so-called xe2x80x9cprovidersxe2x80x9d (e.g., Telecom) can be granted the option to provide or incorporate signals.
Self-constructed transmitter:
A self-constructed transmitter increases data security in the following ways:
1. Provision of standard time in encrypted form.
2. Variability of time of transmission.
3. Mixing genuine and false information.
4. Transmitter-receiver synchronization of limited duration.
5. Mixing information from 1 through 4.
6. Bidirectional signal for signal transmittal.
The nature of the receiver depends on that of the transmitter. In principle, broadcast and cable signals can be received. A suitable logic analyzes the received signals.
In the case of broadcast time signals, authenticity is checked, in the absence of specific additional signals, via the up-link numbers of the time pulse. That is, in the event of any manipulation, inputs with earlier dates than the last retrieved genuine data time signal would be recognized as manipulation. In addition, the received signal is compared with an internal clock (real time clock: RTC), and time differences outside of a control range point to manipulation.
Authentication is carried out by a device and/or a method that establish, beyond any doubt, the identity of the transmitter or receiver of a message.
Electronic signatures are currently the subject of research. For example, see: xe2x80x9cSingle Chip Controllers for Crypto-Cardsxe2x80x9d (xe2x80x9cSingle-Chip-Controller fxc3xcr Kryptokartenxe2x80x9d) in DesignandElectronik 14/15, Jul. 18, 1995, No. 212. Other devices and methods are also suitable for proof of authenticity (card readers, fingerprint readers and transponder systems as described, for example, in the article xe2x80x9cContact-Free Identificationxe2x80x9d (xe2x80x9cBerxc3xchrungslose Identifikationxe2x80x9d) in DesignandElectronik No. 283).
Modification of the time signal is carried out by hardware (GAL, PAL and/or other hardware encryption processes, such as the clipper chip, discussed in xe2x80x9cNSA and the Clipper Chipxe2x80x9d (xe2x80x9cDie NSA and der Clipper-Chipxe2x80x9d), c""t Magazin 1994, Vol. 9, p. 24) and/or by software (encryption algorithms, e.g., using the RSA method; for details, see xe2x80x9cData Keys, Foundations of Cryptology (xe2x80x9cDatenschlxc3x6sser, Grundlagen der Kryptologiexe2x80x9d) in c""t Magazin 1994, Vol. 8, pp. 230 ff.). Decryption can be carried out only by someone who has the key to the modification logic.
To prevent mechanical manipulation, the chip or the components of the plug-in card are integrally cast and use an electrical-mechanical connection technique, so that later picking out of microprocessor elements is made more difficult. As FIG. 5 shows, contact with the protective grids A and B results in deletion of the programmed components; this is called the xe2x80x9cblack boxxe2x80x9d solution.
Data manipulation is recognized by a parity check and other mathematical and/or hardware checking processes. Security increases along with the complexity of the checking methods.
In the United States, independent organizations for data protection have established a so-called xe2x80x9ctrust centerxe2x80x9d to serve as a trusted third party in data protection. Its activities relate to encryption and decryption and to key distribution and storage as well as to cooperation with providers and suitable notarization for the impartial certification of communications keys, etc. For more details, see xe2x80x9cMuch is Possible with Chip Cardsxe2x80x9d (xe2x80x9cMit Chipkarten ist vieles mxc3x6glichxe2x80x9d) in PraxisComputer No. 2, Mar. 10, 1995, pp. 16-17.
Along with identification (e.g., a signature), a document contains data and, in some cases, the time and location of its creation. Via satellite localization (Global Positioning System), this location can be adequately identified and incorporated into the document in the same fashion as the standard time, for example.
If the device is embodied as a PC plug-in card, the DCF77 time signal broadcast by the Federal Physical Technical Agency in Braunschweig can assume the role of transmitter. Receivers of time signals are found in various embodiments (sizes, receiver characteristics). The received signal is demodulated and amplified as a 100 or 200 ms pulse per second and then passed on to the PC plug-in card for analysis. A microcontroller on the plug-in card converts the received signal pulse into time information and stores the last received time via a special logic tailored individually to each plug-in card. Validation of the DCF77 signal is shown in FIG. 7.
Each plug-in card has an individual identification number. Hardware and software use these numbers for machine identification. The components for reception, authentication and encryption do not necessarily need to all be located on the card itself, as the example of the plug-in card in the PC in FIG. 6 shows.
By a signature procedure (e.g., MD5, Message Digest 5 of Ron Rivest), the the original file is provided with a header (information on relevant variables such as operating system version and file size) and, with a defined part of the original file itself, is formed into a block, which in the present case assumes a size of 4 kbyte (so-called xe2x80x9c4 kblockxe2x80x9d).
The microcontroller software accesses the time signal, incorporates it into the 4 kblock, encrypts the 4 kblock inside the black box, and attaches the time-stamped digital signature to the original file. Optionally, this can be separately stored or encrypted again together with the original file (see FIG. 8).
Decryption can be carried out only by a keyholder. A check for post-facto manipulation is carried out at that time by a signal check.
If the device according to the invention is embodied as an additional circuit board, the preconditions for transmitter and receiver are the same as when the device is realized as the PC plug-in card (see above).
Along with document authenticity, data security during transport is of decisive importance in the area of remote data transmission. Before being transmitted, data is encrypted as described, with incorporation of the time signal. Encryption and decryption are carried out by logic components, which must be integrated in the smallest possible space, in keeping with the basic requirements of data transmission devices. The encryption software is stored in the EPROM, for example. The encryption hardware can comprise a clipper chip, for example.
Along with the above security precautions, the time signal, by establishing the transmission and reception times of true and false information, creates further barriers against unauthorized access and/or manipulation.