1. Technical Field
The present invention relates to a high security communication system including a plurality of users or terminals connected to each other via a common communication link which is in turn connected to a Host CPU. By means of the present system it is possible for a User A (sender) to communicate a specific transaction to a User B (receiver) with an extremely high degree of integrity or confidence on the part of both users.
The high technology environment in which modern business operates affords many opportunities to do things that were impossible several decades ago. The advent of modern data processing, handling and high speed communication facilities allow business to be speedily transacted over hundreds or even thousands of miles. Where the business is routine and within a given business entity these modern data handling and communication tools may be utilized with great efficiency. However, there are still many areas of business activity which are still performed by old fashioned time consuming methods. An area which has been bypassed by modern technology is that of contracts between two business entities wherein two parties agree to enter into a very specific venture and are subsequently legally obligated to perform their relative duties required of the venture. Such a venture might simply involve the purchase of a piece of real property, the purchase or sale of stocks or commodities (especially where time is critical) or other ventures of an even more complicated nature.
Basically the two parties wish to enter into a contract which is usually consummated by both parties agreeing on the terms of a written document and personally signing same. The terms of the contract constitute an agreement as to what is to be done and the signatures insure each party that the other party is legally obligated to perform the contract.
Today this function is accomplished either by both parties meeting to agree upon terms and sign the document or the same process is accomplished by an appropriate exchange of documents via the mail. In the case where the parties meet and each sign in front of the other forgery is no problem, however with mail communications a forged signature could occur.
To conduct a basic contractural transaction utilizing modern communication and data handling facilities a number of threats to the integrity of such a transaction exist. In the following discussion the transaction message or data would constitute the terms of the contractural agreement and the users (sender and receiver) are the contracting parties.
The first threat is reneging, wherein the sender engages in a transaction with a receiver sending data which he may subsequently attempt to disown. Thus, the receiver must know with certainty that the sender sent the specific message which fact may be proven subsequently.
A second possible threat to such a system is forgery, wherein the receiver may allege that he received a message which in fact is a fabrication, thus, it must be possible for the sender to prove that the supposed message was in fact a forgery.
A third threat is similar to forgery, namely that of alteration, wherein the receiver might alter the message in a material way which would do some financial or other harm to the sender. Thus, any alteration of such a message must be identifiable by the alleged sender.
A still further threat is where a sender or other person, by penetrating the communication system, would attempt to fool a receiver into accepting a transaction as valid from some sender by manipulation of the operating system, such as by eavesdropping and the capture and resending of stale messages of the fabrication of "approval" signals from the CPU, etc. The system must thereby guarantee B that such penetration is not possible.
A final threat is masquerading, wherein a user on the system would attempt to masquerade as a different user to a third party. This would normally be done by means of a combination of the above threats.
In the herein disclosed verification/communication system it must be assumed that all users are linked to the host telecommunication system in common and that their messages are enciphered by a common encipherment process. Accordingly, the integrity of the communication's security, or lack of it, will play no role in the verification of transactions.
As stated previously, there are many potential uses for such a high integrity communication system in the modern business community. Potential applications are in the area of stock market transactions carried out over the communications system, automatic banking transactions, electronic mail and/or any other system in which digitilized messages are sent and received over public communications channels and wherein the integrity of both the messages and the originators must be absolutely guaranteed.
It is accordingly a primary object of the present invention to provide such a high security communication system wherein both the transaction content and the authenticity of senders may be unequivocally determined and wherein all of the above enumerated threats may be substantially eliminated.
It is a further object to provide such a system utilizing readily available communcations and computational hardware organized and operated in the manner set forth herein to produce such a system.
It is a still further object to provide such a system whereby the required integrity may be guaranteed by a transaction protocol utilizing a one-way signature generation sequence.
2. Description of the Prior Art
The following publications all relate to various types of electronic or digital signature system generally using various types of approaches to achieve data and/or message integrity. The systems disclosed in these publications differ considerably in both approach and results to the system disclosed herein. (1) M. O. Rabin, "Signature and Certification by Coding," IBM Technical Disclosure Bulletin, Vol. 20, No. 8, pp. 3337-8, (January 1978). (2) W. Diffie, M. Hellman, "New Directions in Cryptography," IEEE Trans. on Information Theory (November 1976). (3) R. L. Rivest, A. Shamir and L. Adleman, "On Digital Signatures and Public-Key Crypto-Systems," M.I.T. Laboratory for Computer Science Report, MIT/LCS/TM-82 (April 1977).
The following copending applications both describe high integrity communication systems utilizing state-of-the-art encryption devices and having the capability of securing the system against the previously enumerated threats. However, the system in both of these patent applications utilize essentially a two-way communication protocol. (1) Application Ser. No. 053,589 of A. G. Konheim filed June 29, 1979 entitled; "A Method and Apparatus for Transaction and Identity Verification", now U.S. Pat. No. 4,264,782 and (2) Application Ser. No. 165,455 of W. G. Bouricius et al filed July 2, 1980 entitled "A High Security System for Electronic Signature Verification", now U.S. Pat. No. 4,326,098.