1. Field of the Invention
This invention relates generally to the field of computer security, and more specifically to electronic records and digital signatures.
2. Description of Related Art
In business transactions, it is generally known that by physically producing a “blue ink” signature, or a signature made by a person using an ink pen, on a physical record, the signer can enter a legally-binding agreement, provided both parties involved in the transaction have agreed that the existence of a signature in a particular area or areas of the physical record constitutes agreement by the signer to the terms contained within the physical record. Thus, the terms outlined in the signed physical record may be legal and enforceable.
Modern technology has profoundly changed the way business transactions are conducted today. The use of computers and other data processing devices is commonplace in both large and small businesses. The connectivity provided by intranets and the Internet has reduced information transfer times from days to seconds, and transferring documents electronically eliminates postage and shipping charges. For a reasonable investment, a small business or organization can acquire communication benefits similar to those of large high-technology corporations.
Many government agencies have taken advantage of the cost and time savings benefits offered by electronic communications, and the filing of electronic documents will soon be the preferred, if not required, method of filing certain documents with certain U.S. government agencies.
Nevertheless, electronic records, which are generated, transmitted, received, or stored by electronic means, can be modified or forged. Furthermore, the true origin of an electronic communication can be concealed or faked. Thus, cryptography systems and methods have been developed that attempt to help a recipient verify that a received electronic communication, such as, for example, an e-mail, was actually transmitted from the claimed sender, and that the content of the received electronic communication is an accurate representation of the message transmitted by the sender.
Likewise, systems and methods have been developed that attempt to validate electronic transactions, such as credit card purchases over the Internet. Typically, these systems involve the use of a digital signature (sometimes referred to as an electronic signature) that can be added to an electronic record to authenticate the identity of the sender of the record or the signer of the record, and verify that the received electronic record is a true and accurate representation of what the sender transmitted. Ultimately, the goal of these systems and methods is to produce a system and method whereby a signer's digital signature on an electronic record is given the same legal enforceability as a blue ink signature on a physical record.
Generally, an electronic signature is an electronic sound, symbol, or process attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record. A digital signature is a form of electronic signature, generated by computer hardware or software and represented in a computer as a string of binary digits. The methods of producing a digital signature involve a set of rules and a set of parameters such that the digital signature produced is unique and verifiable, and such that both the identity of the signatory (person represented by the digital signature) and the integrity of the data (the binary bits which were signed) can be verified.
Traditional cryptography has usually involved the creation and sharing of a secret key for the encryption and/or decryption of a message. Unfortunately, if the secret key is discovered or intercepted by someone else, the message can easily be decrypted. Thus, use of a Public Key Infrastructure (PKI) or Public Key Cryptography (PKC) system is generally preferred.
A PKC system is an asymmetric encryption system, meaning that it employs two “keys”, which are created simultaneously using the same algorithm by a public-private key issuing authority. A public key is made publicly available (as part of a digital certificate) in a directory that all parties can access, and is used to encrypt an electronic record or verify a digital signature. A private key is kept private, secret, and never shared with anyone or transmitted across the Internet, and is used to generate a digital signature or decrypt an encrypted electronic record. Each person involved in an electronic transaction based on the private and public key method of digital signature generation and verification will possess a private and public key pair. Anyone can verify a person's digital signature by using that person's public key (which can be found in a public directory), but only the possessor of a person's private key may generate a digital signature. PKC systems permit the user's public key to be posted, in a directory or on a bulletin board for example, without compromising the user's private key. This public key concept simplifies the key distribution process.
Asymmetric systems adhere to the principle that knowledge of one key (the public key) does not permit derivation of the second key (the private key) because finding large prime numbers is computationally easy but factoring the products of two large prime numbers is computationally infeasible. Examples of PKC algorithms are the Digital Signature Algorithm (DSA) (Federal Information Processing Standards Publication 186, 1994, “FIPS PUB 186,” and its successors), and the Rivest, Shamir, and Adleman (RSA) algorithm, as specified in Internet Engineering Task Force (IETF) Request for Comments (RFC) 2347 and its successors.
When dealing with an electronic record, such as an e-mail message, a sender may, for example, digitally “sign” the electronic record using the PKC system. When digitally signing an electronic record using a PKC system, the sender does not merely add his or her digital signature to the electronic record as he or she would a “blue ink” signature. Instead of using a “blue ink” signature, a message digest of the electronic record (a statistically-unique mathematical “summary” of the electronic record), is first generated using special software.
The message digest is a compressed representation of the original electronic record, but is usually much smaller than the electronic record on which it is based. Message digests may be produced using standard, published, one-way hashing algorithms, and message digests produced by the same algorithm are generally the same length in bits. The message digest will be considered a unique representation of the electronic record because it is computationally infeasible for the same message digest function to produce the same message digest for two different electronic records. Therefore, the use of a message digest as a representation of the electronic record is considered valid.
Message digest algorithms currently available, such as MD-2, MD-4, MD-5, SHA-1, and SHA-256, are hashing algorithms that create message digests by iteratively performing computations on specific portions of the electronic record (512 bits or 1024 bits). The result of each iteration is combined with the result from the previous iteration forming a “chain” of interim values, thus these interim values are called chain values. The initial chain value is called the seed value and is a predefined, constant value (the actual value depends on the particular message digest algorithm being used). For SHA-1, as an example, five 32-bit chain values are produced for each 512 bits of data. A full history of PKC systems is described in W. Diffie's, “The First Ten Years of Public-Key Cryptography”, which is incorporated herein by reference.
Once the message digest has been produced, the sender's private key (an asymmetric private key, which the sender usually obtains from the public-private key issuing authority) is used to cryptographically create a digital signature from the message digest. Because of the manner by which the sender's digital signature is obtained, the sender's digital signature will be different each time he or she sends a different e-mail message.
When the electronic record with the sender's digital signature is received by a recipient, the digital signature is verified using the electronic record and the sender's public key. If the digital signature is valid, the recipient knows that the sender's private key was used to sign the electronic record.
In addition to encrypting an electronic record, a sender may be authenticated by the receiver by using the private key to encrypt some data. When the receiver receives the encrypted data, he can use the sender's public key, which resides in the sender's publicly available digital certificate, to decrypt it. PKC can also be used to generate a digital signature to authenticate a signer. The signer creates a message digest of the electronic record. After generating the message digest, the signer creates a digital signature from the message digest with his private key. The receiver, upon receiving the digital signature and computing the message digest of the electronic record, uses the signer's public key, which resides in the signer's publicly available digital certificate, to verify the signature. This operation validates the identity of the signer because he is the only person who can sign the message with his private key.
Thus, a PKI enables users of a basically unsecured public network, such as the Internet, to securely and privately exchange digital information through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. Varieties of products are offered by, for example, RSA®, Verisign®, GTE CyberTrust®, Xcert®, or Netscape®, which enable a user to implement a PKI. While there is no universal standard for PKI, the public key infrastructure generally presumes the use of Public Key Cryptography (PKC), which is the most common method on the Internet for authenticating a message sender or encrypting a message.
In addition to the PKC method, encryption may be accomplished by the symmetric algorithm method. An example of this is the Data Encryption Standard (DES), which is described in Data Encryption Standard, Federal Information Processing Standards Publication 46 (1977) (“FIPS PUB 46,” and its successors), which is available from the U.S. Department of Commerce. In general, a symmetric cryptographic system is a set of instructions, implemented in hardware, software, or both, that can convert plain text into ciphertext, and vice versa. In a private key system (sometimes known as a symmetric cryptographic system), a specific key is used that is known to the users but is kept secret from others.
Computers and other electronic devices, such as Personal Digital Assistants (PDA) and cellular telephones, provide the interface terminals from which parties to a business transaction may take advantage of the many benefits of electronic transactions. One of the primary benefits of validating electronic transactions is the ability to transact business with a person, or groups of people, anywhere in the world, since electronic transactions can take place over telephone lines, computer networks, and through the air via cellular and satellite communication systems.
In recognition of the general acceptance of using electronic communications in the business place, laws regulating electronic communications have begun to be developed and adopted. In effect since Oct. 1, 2000, the Electronic Signatures in Global and National Commerce Act (often referred to as the e-signature law or e-Sign) specifies that in the United States, the use of a digital signature on an electronic record is as legally binding as a traditional handwritten signature written in ink on paper. The purpose of this and other laws, such as the Uniform Electronic Transactions Act (UETA), is to validate the authenticity of electronic transactions, to legally bind parties to a digitally signed contract, and to provide a legal framework for enforcement of electronically signed documents. Thus, digital signatures allow parties to conduct electronic business transactions that were previously limited to paper with handwritten signatures.