The invention is related to the field of cryptography and more specifically to cryptographically timestamping documents to prove their existence at a certain time.
In many common situations, people need to verify that a digital document (i.e. a document such as a contract or receipt that is digitally stored in a computer system) existed on a certain date. That is, we may need to prove that no one has altered or revised the digital document since a certain date such as the alleged creation date or distribution date of the document.
One method of providing such proof is known as electronic notarizing or timestamping. A one-way hash of the document is produced, and the hash is encrypted using a private key of the owner of the document in order to form a so-called digital signature. The document signature is sent to a digital notary or time stamper who combines the digital signature with a digital stamping time (digital representation of the time and date) to form a time stamp, and the notary hashes the time stamp and encrypts the time stamp hash using the digital notary's private key to form another digital signature called the time stamp signature. Then the notary sends a record including the time stamp and the time stamp signature to the author. Anyone with access to the time stamp and notary's signature can then hash the time stamp and use the notary's public key to decrypt the notary's signature and compare the hash to the decryption to prove that the author's signature, and thus the document, existed when the time stamp was created, and that the author's signature and the stamping time were originally encrypted together by someone who had access to the notary's private key.
Notarizing digital documents is disclosed in U.S. Pat. No. 5,136,646. Notarizing by secure hardware in a system is disclosed in U.S. Pat. No. 5,001,752. Public key cryptography is disclosed in "New Directions in Cryptography" by Diffie and Hellman in IEEE Transactions On Information Theory, Vol IT-22, November 1976, pp 644-654 and in U.S. Pat. No. 4,405,829 to Rivest and U.S. Pat. No. 4,868,877. One-way hashing is disclosed in "Collision-Free Hash Functions and Public Key Signature Schemes", Advances in Cryptology-Eurocrypt '87, Springer-Verlag, LNCS, 1988, vol. 304, pp. 203-217.
The above citations are hereby incorporated in whole by reference.
It is an object of the invention to provide methods and apparatus for the authentication of review activity logs of digital documents.
In the inventions disclosed herein, a first document is reviewed and a digital log (review document) of review activities during the review of the first document is produced; then the review document is digitally signed and the signature is notarized in such a way that the relationship between the first document and the review document can be proved, as well as the origination and integrity of the review document and the time of the review document's notarization.
It is another object of the invention to provide methods and apparatus for authenticating presentations that document critical procedures.
In the invention, a digital activity log of a critical procedure is produced and the activity log is digitally signed and notarized, so that the integrity and origination of the activity log can be proved.
In one embodiment of the invention, an image is created and sent to a secure server. The server signs the image (hashes the image and encrypts the hash) and sends the server's image signature to an electronic notary which notarizes the image signature. Preferably, the notary returns a time stamp and time stamp signature for the image signature (image time stamp and notary's image signature) to the server. Then upon request, the server sends the image and server's image signature to a reviewer who uses the signature to verify the origin and integrity of the image. The reviewer may also receive the image time stamp and notary's image signature and verify the time of notarization of the image. Then the reviewer (human) reviews the image and the reviewer's workstation automatically creates a review activity log (review) which is returned to the server. The server combines the review with information indicating that the review is related to the image. The identifying information may be, for example, the image hash, image signature, image time stamp or notary's image signature. Then, the server signs the combination and sends the server's review signature to the notary which notarizes the server's review signature.
Preferably, the notary returns a review time stamp and notary's review signature to the server. Then upon request, the server sends the image, image signature, review, and review signature to an auditor who can verify the origin and integrity of the review, that the review was based on the image, and the origin and integrity of the image. The server may also send the image time stamp, notary's image signature, review time stamp, and notary's review signature to the auditor who can verify the time of notarization for the image and review. Then the auditor can review the quality of the image and the quality of the review.
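The first embodiment above, built on the hash-then-sign notarization described in the background, is sketched below as an added Python example that is not part of the patent. Textbook RSA without padding, the toy Mersenne-prime keys, SHA-256, the JSON encoding, and all function and variable names are assumptions made for illustration; the image hash is used as the identifying information that links the review to the image.

```python
import hashlib
import json

E = 65537  # public exponent (assumption)

def keypair(p, q):
    # Toy textbook-RSA key from two known primes; not a usable key size.
    n = p * q
    return {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(data, n):
    # One-way hash of the data, reduced so it fits under the toy modulus.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, key):
    # "Encrypt the hash using the private key" to form a digital signature.
    return pow(digest(data, key["n"]), key["d"], key["n"])

def verify(data, sig, n):
    # Decrypt the signature with the public key and compare it to the hash.
    return pow(sig, E, n) == digest(data, n)

def notarize(signature, stamping_time, notary_key):
    # Notary combines the signature with the stamping time, then signs that.
    stamp = json.dumps({"sig": signature, "time": stamping_time}).encode()
    return stamp, sign(stamp, notary_key)

def bind_review(review, image):
    # Server combines the review with the image hash as identifying info.
    link = hashlib.sha256(image).hexdigest()
    return json.dumps({"image_sha256": link, "review": review}).encode()

def audit(image, image_sig, review, review_sig, stamp, stamp_sig, server_n, notary_n):
    # Auditor: image origin, review origin and linkage, then the time stamp.
    return (verify(image, image_sig, server_n)
            and verify(bind_review(review, image), review_sig, server_n)
            and verify(stamp, stamp_sig, notary_n)
            and json.loads(stamp)["sig"] == review_sig)

# Constructed sample data and keys (Mersenne primes, chosen only for brevity).
SERVER = keypair(2**89 - 1, 2**107 - 1)
NOTARY = keypair(2**61 - 1, 2**127 - 1)
IMAGE = b"constructed image bytes"
REVIEW = "constructed log: opened image, zoomed region 3, no finding"
IMAGE_SIG = sign(IMAGE, SERVER)
REVIEW_SIG = sign(bind_review(REVIEW, IMAGE), SERVER)
STAMP, STAMP_SIG = notarize(REVIEW_SIG, "2000-01-01T00:00:00Z", NOTARY)
```

Because the review signature covers the image hash, the audit fails if the review is presented alongside a different image, even one that carries its own valid server signature.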
In another embodiment of the invention, a report is signed by the author before the report is sent to the server. Then the report and author's signature are sent to a server which sends the author's signature to the notary which notarizes the author's signature. Preferably, the notary returns a time stamp and time stamp signature for the report to the server. Then, later upon request, the server sends the report and report signature to the reviewer who can use the report signature to verify the origin and integrity of the report. The server may also send the report time stamp and notary's signature to the reviewer who can verify the time at which the report was notarized. The human reviewer reviews the report and the reviewer's workstation automatically creates a review (log of activities and conclusions of the review process). Then, information indicating the relationship between the review and the original document is combined with the review and the combination is signed by the reviewer. The review and reviewer's signature are sent to the server which sends the reviewer's signature to the notary which notarizes the reviewer's signature. Preferably, the notary returns a review time stamp and a notary's review signature to the server.
In a third embodiment of the invention, a multimedia presentation is produced in order to document the activities performed during a critical procedure, so that the correctness of the procedure can be demonstrated. The author signs the presentation and sends the presentation signature to an electronic notary who notarizes the signature. Preferably, the electronic notary creates a time stamp for the presentation, signs the time stamp, and returns the presentation time stamp and notary's presentation signature to the author. Then upon request, the author sends the presentation, the presentation time stamp, and the notary's presentation signature to the reviewer. The reviewer verifies the origin and integrity of the presentation and verifies the time of notarization in the presentation time stamp. As the human reviewer reviews the presentation, the reviewer's workstation automatically creates a review (review activities log). When the review is complete the reviewer signs the review and sends the reviewer's signature to an electronic notary. The notary creates a time stamp, signs the time stamp, and returns the time stamp and notary's signature for the review to the reviewer. Then upon request, the reviewer sends the review and review signature as well as the time stamp and notary's signature for the review to an auditor. The auditor verifies the origin and integrity of the review and verifies the time of notarization. Also, the notary requests the presentation and presentation signature from the author as well as the time stamp and notary's signature for the presentation. The auditor verifies the origin and integrity of the presentation and verifies the time of the notarization. Then the auditor reviews the quality of the presentation and/or the quality of the review.
As described above, in embodiments where the notary returns a time stamp and time stamp signature, they can be distributed to allow others to verify the time of notarizing of the digital documents. Alternatively, or in addition, other methods of verifying the time of notarization can be provided. Time stamps can be authenticated by having the notary re-sign the time stamp and return the signature and then checking whether the old and new signatures match. Another method of authenticating time stamps is to provide information from the time stamp or the notary's signature to the notary and request that the notary use the information to find the notary's record of the time stamp and signature, and return information regarding success or failure or return the time stamp and signature from the notary's records. Another method of authenticating time stamps is for the notary to always return one or more previous and subsequent time stamps to the customer, and then the customer can contact other customers identified in the subsequent time stamps and request those customers to verify the time for the time stamp.
Other alternatives and advantages of applicant's inventions will be disclosed or become obvious to those skilled in the art by studying the detailed description below with reference to the following drawings which illustrate the elements of the appended claims of the inventions.