JP2009535898A - Secure signature - Google Patents

Abstract

  Systems and methods for secure signatures are described. In one aspect, a secure signature is created. A secure signature strongly binds an image of an electronic signature (“electronic signature”) to content in either electronic or printed form. In response to receiving the request from the user, the system and method determines whether the electronic signature associated with the printed page represents a secure signature. If so, the system and method determines whether it has been encrypted and bound by the signer of the electronic signature for the content being signed and informs the user.

Description

  The present invention relates to secure signatures.

  Obtaining a personal handwritten signature reveals the identity, the intention of the individual (signer) to execute the document (eg, record, contract, memorandum, etc.) and the individual's positive intention to be bound by the content of the document This is a conventional effective method for achieving the above. Even in today's digital era, handwritten signatures are a necessary part of legal agreements, banking and credit card transactions, and all kinds of contracts. When an individual electronically signs a document (eg, using a pen attached to a pen pad device such as a graphic pad, tablet PC, etc.), a digital image (eg, JPEG, TIFF, or other type of handwritten signature) Image) is attached or logically associated with the document. A digital image of a handwritten signature is an electronic signature that is legally equivalent to a personal handwritten signature.

  By using image processing software, an individual's electronic signature can typically be cut / copied from a document and pasted / copied to a different document for the purpose of unauthorized use. Such unauthorized use includes, for example, forgery of documents and approval by impersonation. The rapid increase in the problem of theft of personal information indicates that unauthorized use of electronic signatures can be easily performed.

  A system and method for secure signatures is described. In one aspect, a secure signature is created. A secure signature strongly binds an image of an electronic signature (“electronic signature”) to content in either electronic or printed form. In response to receiving the request from the user, the system and method determines whether the electronic signature associated with the printed page represents a secure signature. If so, the system and method determines whether the secure signature has been encrypted and bound to the signed content by the digital signature signer and informs the user.

  The present disclosure is provided in a simplified form to introduce one selection of concepts and is further described in the detailed description below. The present disclosure is not intended to clarify the primary or essential function of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.

  A secure signature system and method is described below with reference to FIGS. The system and method secures a digital image of a personal handwritten signature (eg, “electronic signature”) by binding or binding the electronic signature to the specific content of the particular digital document being signed. Is added. As will be explained below, this also binds the printing plate of the electronic signature image (in this case ink / toner) to the printing plate of the electronic document. To that end, the system and method creates a first collision-resistant hash by combining the personal digital signature and the content of the electronically signed document. By using the private key of the individual / signer, the system and method electronically sign the collision-resistant hash using one of several available public key cryptography techniques. For this purpose, an electronic signature of the public key is created. By using a reversible approach (eg, least significant bit mapping, etc.), the system and method allows a “secure signature” by inserting / embedding a public key digital signature into bits associated with an electronic signature. create. A secure signature comprises a digitally signed electronic document fingerprint along with the original document content that can only be decrypted using the public key of the private / public key pair of the individual. This secure signature binds the personal signature to the content. At this point, the document can be distributed to the end user for viewing and printing.

  In order to verify whether a personal signature is truly bound / bound to the contents of an electronic document or printed (non-electronic) document, the system and method can Is first a “secure signature”. As described above, a secure signature includes a public key digital signature with a hash value created from the electronic signature of the individual and the content of the document actually signed by the individual. (If the document with the signature is a paper / print document, the document is scanned to create an electronic document representing the print document.) Systems and methods are published embedded in a digital image of a signature. If the key digital signature is not detected (eg, the signature is not a secure signature), the system and method will not be able to verify that the electronic document truly binds the signer to the document content. By way of example, a personal signature can be counterfeited by printing a document with a digital image of a secure signature, and tracing a printed version of the digital image to create a “clean” signature. There is a possibility that. In this scenario, a “clean” signature will not include the signer's signature that is programmatically detectable and embeds the embedded signer's public key digital signature that binds the specific content of the document.

  If the system and method can extract the public key digital signature from the signature, the signature represents a secure signature. The retrieved public key digital signature is then decrypted using the individual / signer's public key (private / public key pair). The system and method calculate a second collision-resistant hash of the document content (in this example, the document content is a digital image of a personal handwritten signature (eg, an electronic signature) minus the retrieved public key digital signature). ). If the first hash and the second hash match, then the system and method verify that the individual's signature represents the individual's intention to execute the document. Otherwise, such associations are not verified.

  These and other aspects of secure signatures are described in more detail.

(Example system)
Although not required, the secure signature system and method are described in the general context of computer-executable instructions executed by a computing device such as a personal computer. Program modules typically include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. While the systems and methods are described in the above context, the operations and operations described below can also be implemented in hardware.

  In accordance with one embodiment, FIG. 1 illustrates an exemplary system 100 for secure signatures. In this implementation, the system 100 includes a computer device 102 such as a general purpose computer device, a server, a laptop computer, a mobile computer device, or a tablet PC. Tablet PCs typically include touch screen or discretized tablet technology that allows a user to operate a computer using a stylus or digital pen instead of a keyboard or mouse. In one embodiment, the computing device 102 provides / writes a handwritten signature using a stylus pen (a pen-like drawing device) as well as drawing an image using pencil and paper. Connected to an input / output device 104 such as a graphics tablet.

  Computer device 102 includes one or more processors 106 connected to respective tangible computer readable storage media, such as system memory 108. The processor 106 can be a microprocessor, microcomputer, microcontroller, digital signal processor, or the like. The system memory 108 may be, for example, volatile random access memory (eg, RAM) for computer program instructions executable by the processor 106 and program data created and / or used by the computer program instructions. ) And non-volatile read-only memory (eg, ROM, flash memory, etc.). Such computer program instructions are shown as program modules 110 and program data is shown as program data 112. In these implementations, for example, the program module 110 includes a secure handwritten signature module 114, and the other program module 116 includes an operating system (OS) that provides a runtime environment, a public key cryptographic application, a device driver, and the like. .

  The secure handwritten signature module 114 (hereinafter often referred to as the “secure signature module 114”) represents an individual's electronic signature and represents the content of the document 120 (eg, a recorded document, contract document, memorandum, official letter, etc.). A secure signature 118 that encrypts and binds to one or more pages of the current content. An electronic signature represents a digital image version of a personal handwritten signature (also referred to as a “signer”). Such an electronic signature is shown as a respective part of “other program data” 124. In one embodiment, the secure signature module 114 receives an electronic signature from an input / output device such as a card reader or graphic pad. For example, in one embodiment, an individual creates a digital signature using a pen / stylus pen attached to a digital pen pad device (eg, a graphic pad, tablet PC, etc.). In this scenario, an electronic signature is connected or otherwise logically associated with the document 120. At this point, the electronic signature represents the user's positive intention to execute the content of the document 120 (the user's positive intention bound by the content of the document 120). In view of such electronic signatures, the secure signature module 114 creates a secure signature 118 that encrypts / binds the user's electronic signature to the content of the following document 120.

  Let D be a bitmap of the original document 120 electronically signed by the user. By using one of several available collision-resistant cryptographic hash functions (eg, SHA1 etc.) available, the secure signature module 114 is D's collision-resistant cryptographic hash (“hash 126”) h ( D) is created. The secure signature module 114 creates h (D) from the signer's electronic signature and the content of the document 120. By using the public key cryptography application / infrastructure (eg, RSA, DSA, ECDSA, BLS, etc.) and the user / signer private key, the secure signature module 114 can generate the public key digital signature from h (D). 122 (R) (note that at this point the claimed identity of the signer has been verified by the system using the public key infrastructure). That is, the secure signature module 114 encrypts and signs h (D) and creates R. Secure signature module 114 then creates secure signature 118 by inserting / embedding or logically associating R (122) with the bits of the electronic signature. In this way, the secure signature 118 encrypts / binds the electronic signature to the content of the document 120. In one embodiment, the secure signature module 114 uses the LSB (Least Significant Bit) map approach to preserve R (122) as an electronic signature 118 to preserve the readability and visibility of the secure signature 118. Insert / embed (or logically associate) with an image. In one embodiment, such an LSB mapping technique produces a light gray image (hash pattern) that encrypts the R value. These two-dimensional patterns will hardly be perceived by amateur eyes. However, these two-dimensional patterns can be identified by a program and retrieved from screen captures or printed images in a way that allows document content to be reproduced and collated.

  In these implementations, the secure signature 114 is secured by embedding R (122) in the electronic signature because R is visually inconspicuous (eg, hidden or invisible) to the viewer. Create a signature 118. In these implementations, when a user creates a printed document 128 from the document 120, the R embedded in the secure signature 118 associated with the document 120 remains embedded and the secure page of the printed document 128 remains secure. It is represented in the signature ink / toner plate. As described in detail in the following sections, the signature verification module 130 can detect and retrieve R by scanning with a bitmap (document D ') of the printed document 128. Thus, the operation of secure signature 114 to create secure signature 118 binds the signer's electronic signature to the printed page.

  The user can sign the signer's content (e.g., an electronic signature) by interfacing the signer's electronic signature (encapsulated by the secure signature 118) with the secure signature verification module 130 of the system 100. (For example, not forged, not cut and pasted into a document) and so on. A user can interface with the computer device 102 or a remote computer device 136 with the entire network 132 connected to the computer device 102. (Network 132 may include any combination of local area network (LAN) and wide area network (WAN) communication environments common in offices, enterprise-wide computer networks, intranets, and the Internet). . In one embodiment, the secure signature verification module 130 communicates a user interface (UI) and / or web page to the user. These UIs and web pages allow the user to identify the document D ′ with the digital signature and the public signature of the intended signer of the secure signature 118 with the digital signature. . (If the document with the signature is a paper / print document 128, the user scans the print document 128 to create an electronic document D '). By way of example, these public keys and documents D ′ are represented or identified from remote computer device 136 via request 140.

  The signature verification module 130 places a bitmap representing the handwritten signature portion of the document D '. In one embodiment, the user / operator manually identifies the bits associated with the signature (eg, draws a rectangle using a pointing device to define the dimensions of the bitmap, etc.). At this point, it is unknown whether the bits of the identified signature comprise an unencoded conventional plaintext digital image of a secure signature 118 or a personal handwritten signature. (For example, tracing a counterfeited version of a secure signature 118 can at best only create an electronic signature). These counterfeit signatures do not comprise a program-detectable, embedded, actual / genuine signer's public key digital signature on the printed version of secure signature 118. The secure signature verification module 130 attempts to retrieve the public key digital signature R (122) from the bits associated with the electronic signature. In one embodiment, this is done by reading the least significant bit of the pixel intensity value associated with the identification portion. If the digital signature R of the public key does not exist, the identification part's electronic signature is not a secure signature 118 (eg, there is no cryptographic signature of the electronic signature for the contents of document D ′) and the signature verification module 130 To inform the signer that the authenticity of the content of the document D ′ cannot be verified.

  If the digital signature R is extracted from the identification part's electronic signature, the electronic signature is a secure signature 118. The retrieval operation nulls / zeros the pixel strength value of the identified secure signature 118, resulting in an unencoded digital signature. Once the electronic signature is retrieved, the signature verification follows the digital signature protocol selected as the scheme. More particularly, the signature verification module 130 uses the received public key to decrypt the retrieved digital signature R to identify the first collision-resistant code hash value h (D) 126. In one embodiment, for an RSA digital signature R, this involves an exponentiation of R using the signer's public key and check / evaluation, and the result is the published certificate / signer's Check if it matches the key. The signature verification module 130 then calculates a second collision resistant hash h (D ') of the document D' with the content and the electronic signature. (At the time this h (D ′) is calculated, document D ′ still contains electronic signature 118, which is no longer secure in that it no longer has an embedded digital signature R. Not the signature 118).

  Signature verification logic 130 compares the first and second hash values 126. If the first and second hash values 126 are the same, then the signature verification logic 130 indicates to the user that the electronic signature encapsulated in the secure signature 118 is the author / signer's bound to the content of the document D ′. Inform them of their positive will. Otherwise, signature verification logic 130 informs the user that the electronic signature does not represent the active intention of the author / signer bound to the content of document D '.

(Exemplary means)
FIG. 2 illustrates an exemplary means 200 for secure signature, according to one embodiment. As an illustrative description, the operation of means 200 will be described with respect to certain components of FIG. In the description, the leftmost digit of the reference number indicates the particular number that the component was originally installed on. In one embodiment, each one of secure signature module 114 and secure verification module 130 implements the operation of means 200. The act in block 202 receives an electronic signature from a signer / signer indicating execution of the document 120. The act in block 204 creates a secure signature 118 that enhances the electronic signature and encrypts and binds the electronic signature to the content of the document 120. In one embodiment, this is done by creating a collision-resistant hash from the content of the document 120 and the electronic signature. This collision resistant hash is then encrypted and signed using a public key cryptographic infrastructure to create a public key digital signature 122. In these implementations, the operation of block 204 inserts the public key digital signature 122 into the electronic signature 118 to create a secure signature 118. In this manner, the secure signature 118 encrypts / binds the signer's electronic signature to the specific content of the document 120. For example, a secure signature 118 cut from an original document and pasted into another document is not encrypted and tied to the content of the other document.

  The act in block 208 receives a request to verify whether the signer's electronic signature is securely bound / bound to the content of document D '. The request includes (otherwise identifies) the document D ', which is verified in the same manner as the public key of the target document signer's private / public encryption key pair. The act in block 210 attempts to retrieve the public key digital signature R (12) from a digital signature embedded or logically associated with the received document. If such a public key digital signature R is present in an electronic signature, the electronic signature is a secure signature 118. The retrieval operation removes / makes any display R out of the electronic signature (for example, sets it to zero). The act in block 212 determines whether the public key digital signature R was included in the electronic signature. If the electronic signature has not been digitally signed, the operation of means 200 continues with reference “A” on the page of FIG. 3, and the user receives the electronic signature associated with document D ′ as document D Informed that the signer's positive willingness to execute the content cannot be verified. Otherwise, the operation of block 214 uses the signer's public key to retrieve the retrieved public key digital signature R (122) (the public key was received by the request associated with the operation of block 202. ). As a result of these decryption operations, the first hash value h (D) 126 is obtained. The operation of block 216 is performed by removing the retrieved public key digital signature (see operation of block 210) from the contents of the document D ′ and the electronic signature, and a second hash value 126 (eg, a collision-resistant hash value). ). At this point, the operation of the means 200 continues with reference “B” on the page of FIG.

  FIG. 3 further illustrates the operation of the example means 200 of FIG. 2 for secure signatures, according to one embodiment. The operation of block 302 compares the first and second hash values 126 (see operation of block 216 of FIG. 2 above). As indicated above, the first hash value 126 includes the public key digital signature 122 associated with the secure signature 118 embedded or logically associated with the document D ′ (120), It was the result of decryption. The second hash value 126 was calculated from the content of the document D 'and the corresponding electronic signature (secure title 118 with no digital signature) using a collision-resistant hash function. If the first hash value 126 is the same as the second hash value 126, the operation of block 304 continues at block 306. The act in block 306 indicates to the user (eg, the requester in block 202 of FIG. 2) that the electronic signature associated with document D represents the signer's positive willingness to execute the content of document D ′. Inform. If the first hash value 126 is not the same as the second hash value 126, the operation of block 304 continues at block 308. The act in block 308 informs the user that the electronic signature associated with the document D 'cannot be verified to represent the signer's positive intention to execute (eg, bind) the content of the document. At this point, the operation of the means 200 ends.

(Conclusion)
Although secure signatures have been described in language specific to structural features and / or methodological actions or actions, it should be understood that implementations presented in the appended claims may not necessarily have the specific functions or features described above. It is not limited to the action. For example, although the operations associated with the secure handwritten signature module 114 (FIG. 1) are shown and described as operations that encapsulate the signature verification module / logic 130, the operations of these respective program modules are Can be done independently. In one embodiment, for example, the operations of the secure handwritten signature module 114 do not encapsulate the operations of the module 130, but instead are implemented completely independently of those operations. In one embodiment, for example, the operation of module 114 operates module 130 after being implemented on a different computing device. Accordingly, the specific functions and operations described above are disclosed as example forms of implementing the following claimed subject matter.

FIG. 3 illustrates an exemplary system for secure signatures according to one embodiment. FIG. 3 illustrates an exemplary means for secure signature, according to one embodiment. FIG. 3 further illustrates the operation of the exemplary means of secure signature of FIG. 2 according to one embodiment.

Claims (20)

A computer device,
A processor;
A memory coupled to the processor, the memory comprising computer program instructions to be executed by the processor, the computer program instructions being executed by the processor;
Receiving an electronic signature; and creating a secure signature that securely binds the electronic signature to the content of a printed page, wherein the binding is performed by a cryptographic-based verification operation. A computer apparatus, comprising: a program that can verify that a signature author expresses a positive intention to be bound to the content of the printed page.   The computer apparatus according to claim 1, wherein the secure signature is embedded in the electronic signature in a manner that is visually hidden from a viewer of the printed page. The computer program instructions for creating the secure signature are:
A collision-resistant hash value is calculated from the document and the contents of the electronic signature, the document being in a memory associated with the computer device, and the print page representing a printed version of the document thing,
Further comprising instructions for encrypting and signing the collision-resistant hash value to create a secure digital signature, and embedding the secure digital signature in bits associated with the electronic signature. The computer apparatus according to claim 1. Encrypting and signing the collision resistant hash value further comprises encrypting and signing the collision resistant hash value using the author's private key using a public key cryptography application,
The computer apparatus of claim 3, wherein the private key is one of the author's private / public key pair for digital signature content using the public key cryptography application.   The computer apparatus of claim 3, wherein embedding the secure digital signature further comprises inserting the secure digital signature into the electronic signature using a least significant bit algorithm. . The computer program instructions are:
Receiving a request from a user and verifying that the electronic signature associated with the print page actually represents the positive intention of the signer of the electronic signature for the execution of the content of the print page The request identifies an electronic version of the content and the public key of the signer;
Determining whether the electronic signature comprises a secure digital signature;
If the electronic signature does not comprise the secure digital signature, notifying the user that the electronic signature cannot verify that the signer represents a positive intention of the signer to execute the content; And if the electronic signature comprises the digital signature verification, instructions for verifying using a public key whether the electronic signature represents a signer's willingness to execute the content The computer apparatus according to claim 1, further comprising:   The computer apparatus according to claim 6, wherein the secure digital signature is a public key digital signature created using a public key encryption application and the signer's private key. The computer program instructions for verification are:
Decrypting the secure digital signature with a public key to identify a first hash value;
Calculating a second hash value from the content and the digital signature independent of the secure digital signature,
If the first hash value matches the second hash value, the user is informed that the electronic signature is bound to the content, and the first hash value is The computer apparatus of claim 6, further comprising: an instruction to inform the user that the electronic signature is not bound to the content if it does not match a second hash value. A tangible computer readable data storage medium comprising computer program instructions executable by a processor, the computer program instructions being executed by the processor,
Encrypting and linking a personal digital signature to the document content
Digitally signing the content of the document and the electronic signature to create a digital signature;
Embedding the digital signature in the bits associated with the electronic signature and creating a secure signature; and
A computer readable data storage medium comprising: performing an operation comprising distributing the document with the secure signature to an end user for viewing and authentication.   The computer-readable data storage medium according to claim 9, wherein the electronic signature is obtained from a printed document. Digitally signing
Creating a collision-resistant hash from the content and the electronic signature;
Digitally signing the collision-resistant hash using an individual's private key to create the digital signature, the private key being a private / public key pair used for public key cryptographic operations The key to
The computer-readable data storage medium of claim 9, wherein the digital signature can be decrypted using only the public key of the private / public key pair.   The computer-readable data storage medium of claim 9, wherein the bit comprises a least significant bit associated with the electronic signature. A computer-implemented method comprising:
Receiving a request from a user and verifying that an electronic signature associated with the document is encrypted and bound by a signer of the electronic signature for the content of the document;
Evaluating a bit of the electronic signature to determine if the bit represents an embedded digital signature;
If the bit does not represent the embedded digital signature, the user is informed that the electronic signature is not encrypted and bound to the content of the document; and A computer-implemented method comprising: verifying whether the digital signature is encrypted and bound by the signer of the content if it represents a digital signature.   The method of claim 13, wherein the document is an electronic document created from a non-electronic document.   14. The request of claim 13, wherein the request identifies the document and the electronic document that is part of the document and attached to or logically associated with the document. the method of.   The method of claim 13, wherein the bit is a least significant bit.   Verifying whether the electronic signature was encrypted and bound to the content by the signer is using public key cryptography to bind the electronic signature to the content by the signer. 14. The method of claim 13, further comprising determining whether or not. Verifying whether the electronic signature was encrypted and bound to the content by the signer,
Decrypting the embedded digital signature using a public key of the signer's private / public key pair to obtain a first hash value;
Removing the embedded digital signature from the electronic signature;
Calculating a second hash value from the content and the electronic signature,
If the first hash value matches the second hash value, further comprising notifying the user that the electronic signature has been encrypted and bound to the content by the signer. The method according to claim 13.   The method of claim 18, wherein the first hash value and the second hash value are collision resistant.   The method further comprises notifying the user that the electronic signature was not bound to the content by the signer if the first hash value does not match the second hash value. The method according to claim 18, wherein:

Images