The present invention relates to a system for maintaining security of electronic documents. In particular, the present invention relates to a method and system for securely incorporating digital signatures into electronic documents.
The Internet has provided network users with a mechanism for reducing communication costs by distributing maintenance costs of the network amongst a number of different network servers. This requirement has provided the Internet with a distinctly xe2x80x9copenxe2x80x9d character, with the result that electronic documents transmitted over the Internet can be intercepted by parties other than the intended recipients, altered by the intercepting parties, and then transmitted to the original intended recipients without the recipients having knowledge of the alteration. This weakness can be particularly problematic, particularly for parties engaged in e-commerce transactions over the Internet, since the terms of an order can be altered by a third party without authorization from the ordering party. Alternately, credit card numbers, bank account numbers or other financial information necessary for completion of e-commerce transactions can be intercepted and used by unscrupulous parties to generate unauthorized orders for goods or services.
To address this problem, the concept of a digital signature was developed as a means for allowing recipients of electronic documents to verify the authenticity of the electronic document. To use a digital signature, an originator of an electronic document first obtains from a trusted source a private encryption key uniquely associated with the document originator. The private encryption key is also uniquely associated with a publicly available encryption key which allows recipients of electronic documents encrypted with the associated private encryption key to decrypt the encrypted document using the associated public encryption key. Since the private encryption key is provided only to the document originator, recipients of the encrypted document can use the public encryption key to verify that the encrypted document originated from the document originator. The trusted source maintains a database of publicly available digital certificates, each of which identify the name of the holder of a private encryption key, and the public encryption key associated with the private encryption key.
After the document originator is assigned a private encryption key, the document originator applies a hash algorithm to the electronic document. Preferably, the hash algorithm returns a data word which is uniquely associated with the electronic document, but does not allow the electronic document to be recreated from the data word. The document originator then encrypts the hashed data word with the assigned private encryption key, thereby producing a digital signature which is uniquely associated with the electronic document and the document originator. The digital signature is appended to the electronic document, and is transmitted to the intended recipient together with a copy of the originator""s digital certificate. Typically, each digital certificate also includes the digital signature of the trusted source.
Upon receipt of the electronic document, the recipient verifies the authenticity of the document by first decrypting the digital signature attached to the digital certificate using the public encryption key supplied by the trusted source. The recipient then applies the hash algorithm to the digital certificate, and then compares the data word returned from the hash algorithm with the data word extracted from the digital signature of the digital certificate. If the hash values match, the recipient has verification that the digital certificate is authentic, and that the public encryption key included with the digital certificate was assigned by the trusted source. After the digital certificate is authenticated, the document recipient decrypts the digital signature attached to the electronic document using the public encryption key included with the digital certificate, applies the hash algorithm to the electronic document, and then compares the data word returned from the hash algorithm with the hashed data word extracted from the digital signature of the electronic document. If the hash values match, then the document recipient has verification that the electronic document originated from the named originator, and was not altered during transmission by third parties.
Although digital signatures have significantly enhanced the ability of document recipients to verify the authenticity of an electronic document, the mechanism by which digital signatures are employed has remained cumbersome. For instance, if the document originator wishes to transmit a digitally signed e-mail message, the originator must obtain and install e-mail software capable of generating a hash value and using a private encryption key for encrypting the hash value. Further, typically the originator must have access to an Internet browser capable of establishing a secure communications path with the encryption key provider for providing the e-mail software with the private encryption key. Although digital encryption compliant e-mail software packages and secure Internet browsers are now available for use on Windows-based operating systems, digital encryption compliant e-mail software packages are not available for all operating systems. Also, the transmission of digitally signed electronic documents from portable wireless devices is often hindered by the computing power and memory resource limitations of such devices.
Digital signatures have also gained popularity for use with electronic cheques as a mechanism to avoid repudiation For instance, the Financial Services Technology Consortium (U.S. Pat. No. 5,677,955) has developed an electronic finds transfer instrument (electronic cheque) as a venue for electronic bill payment. The electronic cheque is generated on a computer-based system which includes a hardware peripheral device for receiving a PCMCIA card. The PCMCIA card is used by cheque issuer""s bank, and securely stores the user""s private encryption key, and a personal identification number to prevent unauthorized access to the encryption key. The PCMCIA card also includes a register for identifying cheques signed and issued, a mechanism to calculate the hash value of the electronic cheques, and a mechanism to calculate digital signatures from the hash values using the private encryption key. The computer-based system interfaces with the PCMCIA card, and is configured to endorse the electronic cheque with the digital signature received from the PCMCIA card, and to electronically transmit the endorsed electronic cheque to the recipient. Although the computer-based system provides a mechanism for securely generating and transmitting electronic cheques, rapid deployment of the system is limited by the need for a PCMCIA interface device and by the requirement that the issuing bank encode the user""s PCMCIA card with the user""s private encryption key.
Therefore, there remains a need for a mechanism which facilitates the use of digital signatures across a variety of computing platforms, and without the necessity of hardware peripheral devices.
According to the present invention, there is provided a digital signature system and a method of providing digital signatures for electronic documents which addresses deficiencies of the prior art.
The digital signature system, according to a first aspect of the present invention, includes a data receiver for receiving an electronic document over a network; an encryption key database, and a signature processor in communication with the encryption key database and the data receiver. The encryption key database includes encryption key records, each being associated with a subscriber of the database and identifying an encryption key uniquely associated with the subscriber. The signature processor is configured for receiving an indicator of one of the subscribers and for deriving a digital signature from the received electronic data and the encryption key associated with the one subscriber.
The method of providing digital signatures, according to the first aspect of the present invention, includes the steps of (1) providing an encryption key database including encryption key records, each record being associated with a subscriber of the database and identifying an encryption key uniquely associated with the subscriber; (2) receiving electronic data over a network; (3) receiving an indicator of one of the database subscribers; and (4) deriving a digital signature from the received electronic data and the encryption key associated with the one database subscriber.
The digital signature system, according to a second aspect of the present invention, includes a data receiver, an encryption key database, a data processor in communication with the encryption key database and the data receiver, and a data transmitter in communication with the data processor. The data receiver is configured for receiving over a network electronic data from one of a number of network users. The encryption key database includes encryption key records, each being associated with a respective one of the network users and identifying an encryption key uniquely associated with the one network user. The data processor is configured for deriving a digital signature from the received electronic data and the encryption key associated with the one network user. The signature transmitter is configured for providing the one network user with the derived digital signature.
The method of providing digital signatures, according to the second aspect of the present invention, includes the steps of (1) providing an encryption key database including encryption key records, each record being associated with a subscriber of the database and identifying an encryption key uniquely associated with the subscriber; (2) receiving over a network electronic data from one of the database subscribers; (3) deriving a digital signature from the received electronic data and the encryption key associated with the one database subscriber; and (4) transmitting the derived digital signature to the one database subscriber.
In accordance with a preferred implementation of the invention, the one database subscriber is also the originator of the electronic data, and the data originator identifies itself by providing the signature processor with an personal identification number assigned to the data originator. Upon receipt of the personal identification number, the signature processor derives the digital signature with the encryption key assigned to the data originator. After the digital signature is derived, the digital signature system transmits the derived digital signature to the data originator. In one variation, the signature processor includes a document database including template records, each template record including at least one document data item. The data receiver is configured to receive from the one database subscriber an indicator of a selected one of the template records, and the signature processor is configured for assembling an electronic document from the received electronic data and the at least one document data items of the selected one template record, and for deriving the digital signature from the assembled electronic document. The data transmitter is configured to transmit the assembled electronic document together with the derived digital signature to the one database subscriber.