Long-term secure digital signatures

Abstract

The present invention relates to digitally signing of electronic documents which are to be kept secure for a very long time, thereby taking into account future cryptographic developments which could render current cryptographic key-lengths insufficient. In accordance with the invention a double signature is issued for each document. A first digital signature (DTS) ensures the long time security, whilst a second digital signature (DUS) ensures the involvement of an individual user. Thereby, the second digital signature is less computationally intensive in its generation than the first digital signature.

Description

TECHNICAL FIELD [0001] The present invention is related to a method, computer device, and system for digitally signing an electronic document that is to be kept secure for a long time period. The invention also relates to a method for verifying an electronic document that has been digitally signed. BACKGROUND OF THE INVENTION [0002] More and more documents are stored electronically. This often involves a digital time-stamping mechanism in order to bind the document or its content to a particular point in time. To minimize the risk that either the data or the time-stamp can be tampered with at a later date a cryptographic digital signature is used to protect both elements. [0003] US Patent Application Publication US 2002 / 0120851 A1 refers to a device and method for data time-stamping. The device includes a trusted clock, a memory, a time-stamper and a digital signer. The device is adapted to store to the memory data that has been time-stamped by the time-stamper, with a time obtained...

AI Technical Summary

Benefits of technology

[0008] In accordance with the present invention, there is provided a method for digitally signing an electronic document for long term security purposes comprising the steps of marking with a digital mark and signing with a first digital signature the electronic document. The marked and signed electronic document is then signed with a second digital signature that is less computationally intensive in its generation than the first digital signature. In most cases the second digital signature is based on a shorter cryptographic key then the first digital signature.

[0009] The electronic document and the first digital signature or part thereof can be provided to a client computer where under use of a cryptographic token the second digital signature which depends on the content of the electronic document and the first digital signature or the part thereof is generated. This allows a presenting or displaying of the electronic document to a user, who can review the electronic document and sign it with an individual cryptographic token, for example with a smart card, which belongs to the user and is also referred to as signing device.

[0010] The cryptographic token can be related to a user group which then shares one cryptographic token mak

Problems solved by technology

However, at present the requirement that a user is legally liable for documents that he/she digitally signs and that the documents remain secure for a long period of time, for example at least 30 years, can not be fulfilled, because of the limited computational power of personal crypt

Images