WO1996025812A1 - A method enabling the authentication of a printout of a data file - Google Patents
- Publication number: WO1996025812A1 (PCT/AU1996/000070)
- Authority: WO, WIPO (PCT)
Classifications
- H04N1/32101—Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
- H04L9/3252—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
- H04L2209/60—Digital content management, e.g. content distribution
- H04N2201/3233—Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to an image, a page or a document of authentication information, e.g. digital signature, watermark
- H04N2201/3271—Printing or stamping
- H04N2201/3278—Transmission
Definitions
- The inventive software may permit the original accession requiring the authorised user's password to enable the software to generate a stipulated plurality of signature codes.
Abstract
A method enabling a sender of a data file to authenticate an alleged printout of the data file produced after transmission from the sender to a recipient, comprising generating a signature code that is unique to the sender and the data file, making an entry comprising at least the signature code and a data file identifier in a secure uneditable register accessible only by the sender, and entering the signature code into the data file. The signature code will appear on any printout of the data file. The data file and signature code are validated using a DSA or checksum algorithm before transmission to the recipient, to enable verification of the transmitted data file and signature code. Verification of a doubtful data file is achieved by visual comparison with a printout from the secure register.
Description
A METHOD ENABLING THE AUTHENTICATION OF A PRINTOUT OF A DATA FILE
TECHNICAL FIELD
This invention relates to the computerised transmission of information from one person to another, either by means of a data transmission link between two computers, for example, two modems and a telephone line, whereby the information is read from a data recording medium in the sender's computer and written on to a data recording medium in the recipient's computer, or by the physical delivery from the sender to the recipient of an item of recording medium, for example a floppy disk, magnetic tape, compact disk or other carrier of the kind on which machine readable data may be recorded.
The totality of the data in any instance, when recorded or transmitted in machine readable form is referred to as a data file hereinafter, irrespective of the mode of recordal or transmission. When a data file is expressed in person readable form, as by a hard copy print out, it is referred to as a document hereinafter.
BACKGROUND ART
It is often important for the recipient of a document to be sure of the identity of the sender or author and/or to be sure that the author has checked and approved the content of the document. Also, it is sometimes important for the author, or other person responsible for the content of a document, to be sure (or be in a position to check) that a document in the hands of a recipient has not been tampered with or improperly altered by a third party either during its transmission to the recipient or by such a party or the recipient following its receipt by the latter.
Thus it is commonplace for the author of a written document to record his identity on the document by personally signing the document. Although forgery is known, and no doubt occurs from time to time, the fact remains that a written document, free of erasures or apparent alterations and bearing a personal and recognisable signature carries with it a strong presumption of authenticity, that is to say, a strong presumption that the message or data embodied in the document is a valid expression of the intended meaning of the person who signed the document. In commercial and every day activities such documents are commonly accepted as genuine, and are processed and acted upon without further ado.
With the development of computer controlled printers and plotters, the practice of computerised transmission of data files as described at the outset is becoming commonplace. Such transmission requires the recipient to have access to suitable equipment able, either to accept transmitted data and write it to a magnetic or other record carrier for later scanning and print out as a hard copy document for personal perusal, or merely to scan and print out, if the transmission was effected by the physical transfer of a record carrier.
Computerised transmission of a data file is quick and convenient, if only because of the compact nature of the carrier when a large amount of data is involved, but it suffers from the disadvantage that the final hard copy document does not carry the same degree of presumed authenticity as does a signed, written document. This is so, not only because most printers under the control of a personal computer are unable to reproduce something as idiosyncratic as a signature but, more importantly, because of the ease with which commonly used magnetic data file recordings, for example, may be altered without the alteration being immediately apparent.
So called checksum validation programs are well known. These programs are routinely used to check, for example, the accuracy with which a data file may have been copied by a computer from one carrier to another (for example, from a disk in one of the computer's "drives" to a second disk in another of the computer's drives). Very briefly stated, such validation programs utilise redundant bits or redundant bytes that are deliberately included or omitted in the data record by the computer's operating system, to enable an algorithm based on summations of the meaningful bits and the redundant bits to arrive at a unique result, depending on the content of the data file and the algorithm used.
When a checksum validation program is run the result may be expressed as a relatively short string of characters, referred to as a proof code hereinafter. If the proof code derived from one data file is identical to that derived from a second data file, then there is a high probability that the two files are identical. If two different checksum algorithms are used to produce two proof codes for each data file and these are respectively identical, then it is virtually certain that the two data files themselves are identical.
Thus if a recipient of a data file were reliably informed of the checksum algorithm used by the sender and the proof code derived from the sender's application of it to validate the data file before transmission, then the recipient could verify the accuracy of the data file as received by applying the algorithm to the received data file.
The so called Digital Signature Algorithm (DSA) is also well known prior art. It has the ability to generate and verify electronic "signatures".
Each user of the DSA is allocated two keys, each being unique to the user in question and each being a number in binary notation. One key is a private key known only to the user and used by the user when validating a data file by the application of an electronic signature. In the present circumstances the user has the role of a sender and would validate a data file, for the content of which he or she is responsible, prior to the file being transmitted to a recipient or otherwise made available to another party. The private key is, of course, kept secret by the sender. The other key is a public key that corresponds to the private key but is not the same as the private key. The public key is known generally and must be known by the recipient to be the public key of the sender.
The DSA uses a hash function to produce a condensed version or "digest" of the data file to be validated. That digest is then used as input by the DSA along with the user's private key to generate a digital signature (being a pair of large numbers in binary notation) which is transmitted with the data file to the recipient. Thus the digital signature produced by the DSA differs from a personal hand written signature, which is unique to the person concerned and is unchanged from document to document, in that the digital signature produced in any instance depends on the identity of the signatory, as represented by his or her private key, and the data file content, as represented by the digest. In other words each electronic signature is unique to the sender and the particular data file validated by the sender.
The recipient of the transmitted data file then uses the same hash function to reproduce the digest and this is input, along with the sender's public key and the digital signature transmitted with the file. The DSA is then able to determine whether or not the three inputs are compatible with the presumptions that the data file is unchanged and that the digital signature could have been generated using the private key corresponding to the inputted public key. If such compatibility is proved the DSA outputs a statement to the effect that the file is genuine and was validated by the nominated key holder.
Thus both checksum validation and DSA provide a means whereby a sender may validate a data file prior to transmission and a recipient with the necessary knowledge of the validation procedure may verify the accuracy of the received file, and in the case of DSA the identity of the validator.
However, neither of these known procedures goes beyond authenticating the received data file; in particular they provide no guarantee to the recipient of a hard copy printout of a data file that the document is a true version of a validated data file. Also, a sender of a data file to a first recipient has no way of proving, if need be, that a document in the hands of a further recipient has not been derived from the data file that the sender originally validated.
DISCLOSURE OF THE INVENTION
Therefore, an object of the invention is to provide means for the authentication of a document that is allegedly a hard copy printout of a data file following transmission of the data file from a sender to a recipient, in a manner analogous to the authentication of a written letter or like person readable document by the application of the author's signature thereto.
The invention consists in a method enabling a sender of a data file to authenticate an alleged printout of the data file produced after transmission of the data file from the sender to a recipient, comprising the steps of generating a signature code that is unique to the sender and the said data file, making an entry comprising at least the signature code and an identifier of the data file in a secure and uneditable register accessible only by the sender, and entering the signature code into the data file before transmitting the file to the recipient.
In preferred embodiments, the method of the invention further comprises the step of validating the data file including the signature code before transmission to enable subsequent verification of the transmitted data file and signature code to be effected. Preferably that validation is effected using either a DSA algorithm or a checksum algorithm, in which event the digital signature or the proof code, as the case may be, generated by the algorithm is preferably included in the register entry. The file identifier in the register entry may be no more than a file name, but preferably it also comprises bibliographic details of the file, or, in important cases, may comprise a complete copy of the file.
The invention also consists in computer software embodying a program that causes a computer running under the control of the software to effect the method of the invention. Preferably the software is such that it is accessible for use only by an authorised user of the software on the input of a password by the user.
The invention also consists in a computer when running or when programmed to run under the control of the program of the software of the invention.
BRIEF DESCRIPTION OF THE DRAWINGS
The single figure drawing is a flow chart of the operation of a method and computer program according to the invention, and showing possible further processing of the data file by its recipient.
BEST MODE OF CARRYING OUT THE INVENTION
The various enclosures in the drawing are identified below by the legend on each rendered in upper case.
Thus, SENDER refers to the enclosure in the drawing bearing that word. That enclosure represents a person operating a computer programmed to carry out the method of the invention. The term computer as used herein embraces a programmable data processing device of the kind able to read data from a magnetic or other record carrier, receive data from an inputting keyboard, modem or other data source, store the data temporarily in memory, process the data in accordance with an inputted and stored program, and write the processed data to a magnetic or other data carrier. Such data processors are known and acquire their specific functionality from the program with which they are loaded for the time being. Thus, as indicated earlier, the present invention, in one aspect, consists in a program for controlling such a computer.
Each software embodiment of the present invention is characterised in that it will not run except on the input of the name of an authorised user of the particular embodiment (or other overt identifier code for that user) together with a covert identifier code (a data string unique to the sender that has been previously entered in a write only memory of the software). The two identifier codes constitute a password unique to the sender that is recognisable by that embodiment or those embodiments of the invention that the sender is authorised to use. After the input of the PASSWORD, thereby gaining access to the program, the sender may INPUT THE DATA FILE to be validated, that is to say the sender may load the file into the computer's internal memory, for example by causing the file to be read from a data carrier by the computer or by typing in the file content using the computer's keyboard, and identify the file to the computer by allocating a FILENAME to it and inputting that filename.
The program then causes the computer to generate a SIGNATURE CODE and load bibliographic details of the file into a SECURE REGISTER. Those bibliographic details comprise at least the filename and the signature code, but preferably also include the date and time. The inputted bibliographic details comprise a register entry able to be retrieved as a unified item of data.
The computer also ensures that the signature code is written into the data file to become an integral part thereof, as indicated by the CODE ADDED TO FILE enclosure. This amounts to signing the data file in that the signature code identifies both the authorised user and the particular data file being authenticated and is retrieved with the other data of the file if and when the file is retrieved by name. Furthermore the signature code will appear on any genuine document that is or is a true copy of a printout of the data file.
Each signature code generated by the software is a string of randomly produced letters and/or numerals of predetermined length. The string may be of such a length, for example 16 characters, as to ensure, for practical purposes, that the signature code generated for any one combination of authorised user and data file name is unique. Alternatively, and preferably, a shorter string may be used and the software, having generated a signature code, may compare same with all earlier generated codes for the authorised user concerned and reject any duplicates.
According to the preferred embodiment of the method of the invention now being described, the computer, having "signed" the data file as aforesaid, validates the signed file, utilising either a checksum algorithm or, more preferably, a DSA algorithm, as indicated by VALIDATE USING PRIVATE KEY, and then adds to the register entry the date and time of validation and preferably still more identifying information such as the file length and either the checksum proof codes or the digital signature, as the case may be, and the identity of the validator.
If desired, a complete copy of the file may also be stored in the SECURE REGISTER, as part of the relevant register entry.
A prudent user would probably print out a document from the signed file and retain it in a safe place.
The sender may then transmit the signed file to the recipient, either by physical delivery of a record carrier containing the data file or by instructing the computer to TRANSMIT FILE over a communication system to the recipient's address.
Upon computer accessing and recording the signed data file, or upon receipt of the authenticated carrier, the recipient may print out a hard copy of the file, to see the identity of the author indicated thereon in conjunction with an alleged unique signature code. This may represent a sufficient presumption of validity for some recipients.
Otherwise, if desired, the recipient may VERIFY the received data using the same validation program as that used by the sender to validate the file. If the validation was effected by means of a checksum algorithm, the recipient may refer back to the author to check whether the proof code(s) match. If the validation was effected by means of a DSA algorithm and the verification result is approval of the data file, or if advised that the proof codes match, there is a high presumption of validity of the file in the hands of the recipient, and he may confidently PRINT OUT documents from it for despatch or sale to others.
In the event that a subsequently produced hard copy document is brought into question, the person concerned may return details of the signature code on the document to the sender, who may then access the secure register and print out the file having the same signature code as disclosed therein for visual comparison with the doubtful document.
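The signing, validation and dispute-resolution steps described above can be sketched as follows. This is an added example, not code from the patent: the `SecureRegister` class, the `SIGNATURE-CODE:` embedding marker, the 8-character code length and the use of SHA-256 as the "checksum algorithm" are all assumptions made for illustration, and the register is an in-memory stand-in. It shows that the random signature code only locates the register entry, while the proof code computed over the file inclusive of the code is what exposes an altered copy.

```python
import hashlib
import secrets
import string
from datetime import datetime, timezone

ALPHABET = string.ascii_uppercase + string.digits
MARKER = b"\nSIGNATURE-CODE: "  # assumed embedding format, not specified by the patent


class SecureRegister:
    """In-memory stand-in for the sender's secure register (illustrative only)."""

    def __init__(self):
        self._entries = {}  # (sender, signature code) -> register entry

    def new_code(self, sender, length=8):
        # Short random code; regenerate if it duplicates an earlier code of this sender.
        while True:
            code = "".join(secrets.choice(ALPHABET) for _ in range(length))
            if (sender, code) not in self._entries:
                return code

    def sign(self, sender, filename, data):
        code = self.new_code(sender)
        signed = data + MARKER + code.encode()  # code becomes part of the file
        self._entries[(sender, code)] = {
            "filename": filename,
            "signature_code": code,
            "validated_at": datetime.now(timezone.utc).isoformat(),
            "length": len(signed),
            "proof_code": hashlib.sha256(signed).hexdigest(),  # covers file + code
            "copy": signed,  # optional complete copy for later comparison
        }
        return signed, code

    def retrieve(self, sender, code):
        # Dispute step: fetch the stored copy for comparison with a doubtful document.
        return self._entries[(sender, code)]["copy"]

    def check(self, sender, candidate):
        """Classify a presented file as 'match', 'altered' or 'unknown'."""
        _, sep, code = candidate.rpartition(MARKER)
        entry = self._entries.get((sender, code.decode(errors="replace"))) if sep else None
        if entry is None:
            return "unknown"  # no code in the file, or code never issued
        # A known code alone proves nothing; the proof code must also agree.
        digest = hashlib.sha256(candidate).hexdigest()
        same = secrets.compare_digest(digest, entry["proof_code"])
        return "match" if same else "altered"
```

For a paper printout the comparison in the description is visual, using the copy returned by `retrieve`; `check` applies only when an electronic copy is presented.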
It will be realised that as a matter of commercial reality it is sometimes necessary for a person who is ultimately responsible for the content of a data file, to rely on trusted associates, for example employees, to actually produce the file and even "sign" it on his or her behalf. Thus, as a variation, the inventive software may permit the original accession requiring the authorised user's password to enable the software to generate a stipulated plurality of signature codes.
INDUSTRIAL APPLICABILITY
To exemplify the industrial application of the invention two possible applications to existing situations are now instanced.
(a) The New South Wales Land Titles Office is currently investigating, with the view of implementing, a system which would require surveyors producing deposited plans to present same as a digital record on a floppy disk. This would enable the Office to reduce its storage space for stocks of such plans, and yet print out a hard copy of any required plan for immediate sale in response to an inquiry for same. Clearly it would be important to the surveyor for him to be able to prove that the record was tampered with, if in a later dispute between two title holders it is found that a printed out plan is inaccurate. Equally, it would be important for him to be able to identify the certifying surveyor of an existing plan if he were to use the print out of an existing plan as a basis for a later plan and it is subsequently found that inaccuracies in the existing plan led him into error. Hitherto, the surveyor producing a hard copy plan was required to sign same and also sign an endorsement on it to the effect that he had checked the plan for errors. The present invention enables an equivalent degree of authentication to be effected in respect of a plotter control program embodied in a floppy disk.
(b) Some Patent Offices now allow patent applications to be submitted as a data file on a floppy disk. Once again it is clearly desirable for the applicant to be able to prove what wording was recorded on the disk as submitted, in the event that during the prosecution of the application some discrepancy appears or if the granted patent when printed shows some discrepancy.
Claims
1. A method enabling a sender of a data file to authenticate an alleged printout of the data file produced after transmission of the data file from the sender to a recipient, comprising the steps of generating a signature code that is unique to the sender and the said data file, making an entry comprising at least the signature code and an identifier of the data file in a secure and uneditable register accessible only by the sender, and entering the signature code into the data file before transmitting the file to the recipient.
2. A method according to claim 1 further comprising the step of validating the data file inclusive of the signature code before transmitting the file.
3. A method according to claim 2 wherein the step of validating is effected by means of a DSA algorithm utilising a private key and a public key allocated to the sender, which generates a digital signature.
4. A method according to claim 3 wherein said entry also includes a record of the sender's identity and the digital signature.
5. A method according to claim 2 wherein the step of validating is effected by means of a checksum algorithm, which generates a proof code.
6. A method according to claim 5 wherein the said entry also includes the proof code.
7. A method according to claim 1 wherein the file identifier comprises at least a filename.
8. A method according to claim 7 wherein the file identifier further comprises a complete copy of the file.
9. Computer software embodying a program that causes a computer running under the control of the software to effect a method according to any one of the preceding claims.
10. Computer software according to claim 9 that is accessible for use only by an authorised user of the software on the input of a password by the user.
11. A computer when programmed to run under the control of the program embodied in software according to claim 10.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU46152/96A AU4615296A (en) | 1995-02-17 | 1996-02-12 | A method enabling the authentication of a printout of a data file |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AUPN1235 | 1995-02-17 | ||
AUPN1235A AUPN123595A0 (en) | 1995-02-17 | 1995-02-17 | Computer file signature code and validation software |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1996025812A1 (en) | 1996-08-22 |
Family
ID=3785592
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/AU1996/000070 WO1996025812A1 (en) | 1995-02-17 | 1996-02-12 | A method enabling the authentication of a printout of a data file |
Country Status (2)
Country | Link |
---|---|
AU (1) | AUPN123595A0 (en) |
WO (1) | WO1996025812A1 (en) |
- 1995-02-17 AU AUPN1235A patent/AUPN123595A0/en not_active Abandoned
- 1996-02-12 WO PCT/AU1996/000070 patent/WO1996025812A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5432618A (en) * | 1991-09-12 | 1995-07-11 | Gemplus Card International | Method and device for the certification of messages sent by facsimile transmission |
US5157726A (en) * | 1991-12-19 | 1992-10-20 | Xerox Corporation | Document copy authentication |
US5388158A (en) * | 1992-11-20 | 1995-02-07 | Pitney Bowes Inc. | Secure document and method and apparatus for producing and authenticating same |
EP0676877A2 (en) * | 1994-04-05 | 1995-10-11 | International Business Machines Corporation | Method and apparatus for authentication and verification of printed documents using digital signatures and authentication codes |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6385728B1 (en) | 1997-11-26 | 2002-05-07 | International Business Machines Corporation | System, method, and program for providing will-call certificates for guaranteeing authorization for a printer to retrieve a file directly from a file server upon request from a client in a network computer system environment |
US7526647B2 (en) * | 1999-05-25 | 2009-04-28 | Silverbrook Research Pty Ltd | Authorization protocol for network publishing |
US7877606B2 (en) | 1999-05-25 | 2011-01-25 | Silverbrook Research Pty Ltd | Method of authorizing network publishing |
GB2358115A (en) * | 1999-09-17 | 2001-07-11 | Ibm | Method and system for remote printing of duplication resistent documents |
DE10242654B4 (en) * | 2001-09-28 | 2006-08-17 | Hewlett-Packard Development Co., L.P., Houston | A method of printing a document, printing device and computer readable medium |
US8041952B2 (en) | 2001-09-28 | 2011-10-18 | Hewlett-Packard Development Company, L.P. | Systems and methods for printing documents containing electronic signatures |
CN100454274C (en) * | 2001-12-05 | 2009-01-21 | 佳能株式会社 | Safty printing using secrete key after being checked |
WO2004095311A2 (en) * | 2003-04-23 | 2004-11-04 | Electronic Data Systems Corporation | Checksum-based validation of data blocks in a computer-implemented document |
WO2004095311A3 (en) * | 2003-04-23 | 2005-09-15 | Electronic Data Syst Corp | Checksum-based validation of data blocks in a computer-implemented document |
US7246309B2 (en) | 2003-04-23 | 2007-07-17 | Electronic Data Systems Corporation | Validating one or more data blocks in a computer-implemented document derived from another computer-implemented document |
Also Published As
Publication number | Publication date |
---|---|
AUPN123595A0 (en) | 1995-03-16 |
Legal Events
Code | Title | Description |
---|---|---|
AK | Designated states | Kind code of ref document: A1 Designated state(s): AU CA GB JP US |
AL | Designated countries for regional patents | Kind code of ref document: A1 Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE |
WWE | Wipo information: entry into national phase | Ref document number: 08687443 Country of ref document: US |
121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
NENP | Non-entry into the national phase | Ref country code: CA |
122 | Ep: pct application non-entry in european phase | |