[go: up one dir, main page]

AU723002B2 - Method and arrangement for forming and checking a checksum for digital data which are grouped into a number of data segments - Google Patents

Method and arrangement for forming and checking a checksum for digital data which are grouped into a number of data segments Download PDF

Info

Publication number
AU723002B2
AU723002B2 AU70282/98A AU7028298A AU723002B2 AU 723002 B2 AU723002 B2 AU 723002B2 AU 70282/98 A AU70282/98 A AU 70282/98A AU 7028298 A AU7028298 A AU 7028298A AU 723002 B2 AU723002 B2 AU 723002B2
Authority
AU
Australia
Prior art keywords
checksum
commutative
cryptographic
segment
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
AU70282/98A
Other versions
AU7028298A (en
Inventor
Martina Hanck
Gerhard Hoffmann
Klaus Lukas
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Callahan Cellular LLC
Original Assignee
Siemens AG
Siemens Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG, Siemens Corp filed Critical Siemens AG
Publication of AU7028298A publication Critical patent/AU7028298A/en
Application granted granted Critical
Publication of AU723002B2 publication Critical patent/AU723002B2/en
Assigned to PRASENDT INVESTMENTS, LLC reassignment PRASENDT INVESTMENTS, LLC Alteration of Name(s) in Register under S187 Assignors: SIEMENS AKTIENGESELLSCHAFT
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/34Encoding or coding, e.g. Huffman coding or error correction

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Detection And Correction Of Errors (AREA)
  • Detection And Prevention Of Errors In Transmission (AREA)

Description

GR 97 P 1472 1 Foreign version Description Method and arrangement for forming and checking a checksum for digital data which are grouped into a number of data segments In digital communications, i.e. during the exchange of digital data, it is frequently desirable to protect the transmission of the electronic data with respect to the most varied aspects.
A very significant aspect is the protection of the digital data to be transmitted against unauthorized modification, the so-called protection of the integrity of the data.
As a protection against unauthorized modification of digital data, the so-called cryptographic checksum, for example the digital signature, is known from The method described in is based on forming a hashing value from the digital user data and the subsequent cryptographic processing of the hashing value by means of a cryptographic key. The result is a cryptographic checksum. To check the integrity, a corresponding cryptographic key is used for performing the inverse cryptographic operation on the checksum formed and the result is compared with the hashing value again calculated from the user data. The integrity of the user data is ensured when the hashing values are matched.
This previously customary procedure necessitates that the complete user data must be present on the receiver side in the identical order in Which they were present when the hashing value was formed since otherwise the formation of the hashing value leads to an errored value. In digital communications, however, it is frequently customary to subdivide and to transmit the user data to be transmitted in relatively small data segments which are
T
GR 97 P 1472 la Foreign version also called data packets, due to protocol boundary conditions.
The data segments are frequently not tied to a defined order or it is not possible to guarantee a defined sequential arrival of the data segments. In the method from it is therefore required for the complete user data to be reassembled again on the receiver side, that is to say after the transmission of the data segments, in the order in which they were originally sent. The data to be transmitted can only be verified in this order.
However, this frequently means considerable additional expenditure for the flow control of the data segments inasmuch as this is possible at all within the framework of the protocol used.
From commutative operations are known. In a general definition for commutative operations is also specified. Illustratively, a commutative operation can be understood to be an operation in which the order of individual operations is unimportant and each order of individual operation always leads to the same total operation. A commutative operation can be, for example, an EXOR operation, an additive operation or also a multiplicative operation.
From a method and a device for generating check code segments for the occurrence of source data and for determining errors in the source data are known.
The invention is thus based on the object of specifying methods and arrangements for forming and checking a first commutative checksum for digital data which are grouped into a number of data segments, in which a flow control for the S• 20 individual data segments is no longer required.
According to one aspect of the present invention there is provided a method of forming a first commutative checksum for digital data which is grouped into a number of data segments, by a computer, said method comprising the steps of: o••o a segment checksum is formed for each data segment; the first commutative checksum is formed by a commutative operation on the segment checksums; and oeo* the first commutative checksum is cryptographically protected by using at least one cryptographic operation.
According to another aspect of the present invention there is provided a method of checking a predetermined cryptographic commutative checksum which is allocated to digital data which is grouped into a number of data segments, by a computer, said method comprising the steps of: the cryptographic commutative checksum is subjected to an inverse cryptographic operation to form a first cryptographic checksum; 3a second segment checksum is formed for each data segment; [R:\LIBPP]01 965.doc:iad a second commutative checksum is formed by a commutative operation on the second segment checksums; and the second commutative checksum is checked for a match with the first commutative checksum.
s According to still another aspect of the present invention there is provided a method of forming and checking a first commutative checksum for digital data which is grouped into a number of data segments, by a computer, said method comprising the steps of: a segment checksum is formed for each data segment; the first commutative checksum is formed by a commutative operation on the segment checksums; the first commutative checksum is cryptographically protected by using at least one cryptographic operation, a cryptographic commutative checksum being formed; the cryptographic commutative checksum is subjected to an inverse cryptographic operation to form a first reconstructed cryptographic checksum; a second segment checksum is formed for each data segment of the digital data S•to which the first commutative checksum is allocated; second commutative checksum is formed by a commutative operation on the second segment checksums; and 20 the second commutative checksum is checked for a match with the first reconstructed commutative checksum.
According to still another aspect of the present invention there is provided an apparatus for forming a first commutative checksum for digital data which is grouped into a number of data segments, said apparatus comprising: means for forming a segment checksum for each data segment; means for forming the first commutative checksum by a commutative operation on the segment checksums; and means for cryptographically protecting the first commutative checksum by using at least one cryptographic operation.
According to still another aspect of the present invention there is provided an apparatus for checking a predetermined first commutative checksum which is allocated to digital data which is grouped into a number of data segments, said apparatus comprising: means for subjecting the cryptographic commutative checksum to an inverse .ACig cryptographic operation to form a first cryptographic checksum; means for forming a second segment checksum for each data segment; [R:\LIBPP]0 I 965.doc:iad -4means for forming a second commutative checksum by a commutative operation on the second segment checksum; and means for checking the second commutative checksum for a match with the first commutative checksum.
According to still another aspect of the present invention there is provided an apparatus for forming and checking a first commutative checksum for digital data which is grouped into a number of data segments, said apparatus comprising: means for forming a segment checksum for each data segment; means for forming the first commutative checksum by a commutative operation 1o on the segment checksums; means for cryptographically protecting the first commutative checksum by using at least one cryptographic operation, by forming a cryptographic commutative checksum; means for subjecting the cryptographic commutative checksum to an inverse cryptographic operation to form a first reconstructed cryptographic checksum; means for forming a second segment checksum for each data segment of the i digital data to which the first commutative checksum is allocated; means for forming a second commutative checksum by a commutative operation on the second segment checksums; and means for checking the second commutative checksum for a match with the first S° 20 reconstructed commutative checksum.
A considerable advantage of the methods and of the arrangements can be seen in the fact that, by using a commutative operation for individual checksums of the data segments, a flow control for the order of the individual data segments is no longer required.
Furthermore, it is no longer required to reassemble the complete user data in the original order in which the first commutative checksums were formed. The order of the oooo S"individual data segments is no longer of significance in the formation of the commutative checksum.
[R:ALIBPPOI 965.doc:iad GR 97 P 1472 5 Foreign version If the digital data are transmitted between two arrangements, a further advantage of the methods can be seen in the fact that the checking of the integrity can already be begun before all data segments have been received since it is no longer required to maintain the original order in forming the first checksum. This leads to a timesaving in the checking of the integrity of the data.
Illustratively, the invention can be seen in the fact that a checksum is formed in the case of a number of data segments which, together, form the data to be protected, and the individual checksums of the data segments are commutatively combined with one another.
Advantageous further developments of the invention are obtained from the dependent claims.
It is advantageous to protect the first commutative checksum cryptographically by using at least one cryptographic operation.
The result of this further development is that the cryptographic security of the data is considerably increased. A cryptographic operation in this sense is, for example, the encrypting of the first commutative checksum with a symmetric or also with an assymetric encryption method which forms a cryptographic checksum.
On the receiver side, the inverse cryptographic method to the cryptographic method is performed in order to ensure cryptographic security.
To form a checksum within the context of the document, various possibilities are known: a checksum can be formed by forming hashing values for the individual data segments; GR 97 P 1472 6 Foreign version the checksums can also be formed by so-called cyclic codes (Cyclic Redundancy Check, CRC); a cryptographic one-way function can also be used for forming the checksums for the data segments.
The methods can be advantageously used in various application scenarios.
The methods can be used both in the transmission of digital data for protection against manipulation of the data, and in the archiving of digital data in a computer in which the first commutative checksum is formed and stored together with the data to be archived. The first commutative checksum can be checked when the digital data are loaded from the archive memory in order to detect any manipulation of the archived data.
The method can be advantageously used for protecting digital data, the data segments of which are not tied to an order. Examples of such data segments are packet-oriented communication protocols, for example network management protocols such as the Simple Network Management Protocol (SNMP) or the Common Management Information Protocol (CMIP).
In the text which follows, an illustrative embodiment of the invention will be explained in greater detail with reference to a Figure. Even if the illustrative embodiment is explained with reference to the Simple Network Management Protocol (SNMP) in the text which follows, this does not represent any restriction on the applicability of the method. The method can be used whenever it is of importance to ensure integrity protection for digital data which are grouped into a number of data segments.
GR 97 P 1472 7 Foreign version The Figure shows two arrangements, data segments being transmitted from the first arrangement to the second arrangement.
In the Figure, a first computer arrangement Al, in which data segments (Di, i 1 n) are stored, is shown symbolically. The data segments Di together form the digital data which are also designated as user data, for which it is of importance to ensure their integrity.
Both the first computer arrangement Al and a second computer arrangement A2 described in the text which follows in each case contain an arithmetic and logic unit R which is arranged in such a manner that the method steps described in the text which follows are performed.
In the first arrangement Al, the data segments Di are arranged at positions Pi within the total data stream. For each data segment Di, a first segment checksum PSi is [lacuna] by using a checksum function PSF. The individual first segment checksum PSi are combined to form a first commutative checksum KP1 by a commutative operation as defined and described in [2] The commutative operation on the individual checksums PSi are shown symbolically by an EXOR symbol E in the Figure.
The first commutative checksum KPI is subjected to a cryptographic method, a symmetric or asymmetric method, by using a first cryptographic key S (step 101) The result of the cryptographic operation is a cryptographic checksum KP.
Both the data segments Di and the cryptographic checksum KP are transmitted by a transmission medium, preferably a line or also a logical connection which is symbolically shown by a communication link UM in the Figure, GR 97 P 1472 8 Foreign version to a second arrangement A2 where they are received.
The crossing arrows of the data segments Di in the Figure indicate that, due to the transmission of the data segments Di, these are received in positions Pj (j a z) which are displaced compared with the order in the first arrangement Al.
Thus, a data segment D2 at the first position P1 is received as data segment Da in the second arrangement A2. Data segment D1 is received as data segment Dc in the second arrangement. Data segment Dn is received as received data segment Db at the second position P2 in the second arrangement A2.
In accordance with the method used, either the first cryptographic key S is used for performing the inverse cryptographic operation on the cryptographic checksum KP if a symmetric encryption method is used, or a second cryptographic key S' is used if an asymmetric cryptographic method is used.
The result of the inverse cryptographic operation (step 102) is again the first commutative checksum KP1 with correct encryption and decryption.
This checksum is stored in the second arrangement A2. For the comparison of the data segments Dj, which are now received in permutated order compared with the original order during the formation of the first commutative checksum KP1, second segment checksums Psj are formed for the received data segments Dj, again using the same checksum methods PSF.
GR 97 P 1472 9 Foreign version The resultant second checksums PSj are again commutatively combined with one another to form a second commutative checksum KP2.
In a further step 103, a check is made whether the first commutative checksum KPl matches the second commutative checksum KP2.
If this is so, the integrity of the data segments Di, and thus the integrity of all the digital data, is ensured (step 104) if the cryptographic methods used or, respectively, the methods used for forming checksums ensure the corresponding cryptographic security.
If the first cryptographic checksum KPI does not match the second cryptographic checksum KP2, the integrity of the data segments Di would be violated and a manipulation of the data is found and preferably reported to a user of the system.
The protocol data units (PDU) in SNMP are structured in such a manner that the user information (so-called variable bindings) can contain a list of objects (object indicators, OID/value pairs). The order of the objects within a PDU is not specified so that it is possible for a permutation of the objects to occur during the transmission of the PDUs between the first arrangement Al and the second arrangement A2. The invention now makes it possible to form a single cryptographic checksum over all objects of an SNMP PDU without having to take into consideration the order of the objects or of the PDUs.
In the text which follows, alternatives to the illustrative embodiment described above will be explained.
GR 97 P 1472 10 Foreign version The method for forming the checksum PSF can be, for example, a method for forming hashing values.
However, methods for forming cyclic codes (Cyclic Redundancy Check, CRC) using feedback-type shift registers can also be used. In addition, cryptographic one-way functions can be used for forming the checksums PSi and, respectively, Psj.
Furthermore, the commutative operation can have the additional property of associativity.
Both the method for forming the checksum and the method for checking a checksum can be performed independently of one another. However, the method for forming the checksum and the method for checking the checksum can also be performed jointly.
Furthermore, it is provided not to transmit digital data but to archive the digital data, that is to say to store them in the first arrangement Al, together with the first commutative checksum KP1. When the archived data are reused, that is to say when the data segments Di are loaded from the memory of the first arrangement Al, the method for checking the first commutative checksum KP1 as described above will then be performed. The first arrangement Al and the second arrangement A2 can thus be identical.
Illustratively, the invention can be seen in that in the case of a number of data segments which, together, represent the data to be protected, a checksum is formed for each data segment and the individual checksums of the data segments are commutatively combined with one another. This makes it possible to form and to check a checksum without having to take into consideration the order of the data segments.
GR 97 P 1472 11 Foreign version In this document, the following publications have been quoted: W. Stallings, Sicherheit in Netzwerk und Internet (Security in Network and Internet), Prentice Hall, ISBN 3-930436-29-9, pp. 203-223, 1995 Kiyek and F. Schwarz, Mathmatik fur Informatiker (Mathematics for Computer Scientists), Teubner Verlag, ISBN 3-519-03277-X, pp. 11-13, 1989 DE-A 2 048 365

Claims (16)

1. A method of forming a first commutative checksum for digital data which is grouped into a number of data segments, by a computer, said method comprising the steps of: a segment checksum is formed for each data segment; the first commutative checksum is formed by a commutative operation on the segment checksums; and the first commutative checksum is cryptographically protected by using at least lo one cryptographic operation.
2. A method of checking a predetermined cryptographic commutative checksum which is allocated to digital data which is grouped into a number of data segments, by a computer, said method comprising the steps of: the cryptographic commutative checksum is subjected to an inverse :i cryptographic operation to form a first cryptographic checksum; a second segment checksum is formed for each data segment; a second commutative checksum is formed by a commutative operation on the second segment checksums; and 20 the second commutative checksum is checked for a match with the first commutative checksum. ••go
3. A method of forming and checking a first commutative checksum for digital data *which is grouped into a number of data segments, by a computer, said method comprising 25 the steps of: _a segment checksum is formed for each data segment; the first commutative checksum is formed by a commutative operation on the segment checksums; the first commutative checksum is cryptographically protected by using at least one cryptographic operation, a cryptographic commutative checksum being formed; the cryptographic commutative checksum is subjected to an inverse cryptographic operation to form a first reconstructed cryptographic checksum; a second segment checksum is formed for each data segment of the digital data Sto which the first commutative checksum is allocated; [R:\LIBPP] I 965.doc:iad -13 a second commutative checksum is formed by a commutative operation on the second segment checksums; and the second commutative checksum is checked for a match with the first reconstructed commutative checksum.
4. The method according to any one of claims 1 to 3, wherein the segment checksums are formed in accordance with at least one of the following types: forming a hashing value, fonning CRC codes, using at least one cryptographic one-way function. The method according to any one Of claims 1 to 4, wherein the cryptographic operation is a symmetric cryptographic method.
6. The method according to any one of claims 1 to 4, wherein the cryptographic operation is an asymmetric cryptographic method. oo
7. The method according to any one of claims 1 to 6, wherein the commutative operation exhibits the property of associativity. o o
8. The method according to any one of claims 1 to 7, wherein digital data are .9.9 protected, the data segments of which are not tied to an order. The method according to any one of claims I to 7, wherein said digital data is processed in accordance with a network management protocol. t9oo too*.:
10. An apparatus for forming a first commutative checksum for digital data which is grouped into a number of data segments, said apparatus comprising: means for forming a segment checksum for each data segment; means for forming the first commutative checksum by a commutative operation on the segment checksums; and means for cryptographically protecting the first commutative checksum by using at least one cryptographic operation. [R:\LIBPPIO I 965.doc:iad -14-
11. An apparatus for checking a predetermined first commutative checksum which is allocated to digital data which is grouped into a number of data segments, said apparatus comprising: means for subjecting the cryptographic commutative checksum to an inverse cryptographic operation to form a first cryptographic checksum; means for forming a second segment checksum for each data segment; means for forming a second commutative checksum by a commutative operation on the second segment checksum; and means for checking the second commutative checksum for a match with the first commutative checksum.
12. An apparatus for forming and checking a first commutative checksum for digital data which is grouped into a number of data segments, said apparatus comprising: means for forming a segment checksum for each data segment; means for forming the first commutative checksum by a commutative operation on the segment checksums; means for cryptographically protecting the first commutative checksum by using at least one cryptographic operation, by formning a cryptographic commutative checksum; means for subjecting the cryptographic commutative checksum to an inverse 20 cryptographic operation to form a first reconstructed cryptographic checksum; means for forming a second segment checksum for each data segment of the digital data to which the first commutative checksum is allocated; means for forming a second commutative checksum by a commutative operation o oo *%on the second segment checksums; and means for checking the second commutative checksum for a match with the first reconstructed commutative checksum. o•°•o
13. The apparatus according to any one of claims 10 to 12, wherein the segment checksums are formed in accordance with at least one of the following types: forming a hashing value, forming CRC codes, using at least one cryptographic one-way function.
14. The apparatus according to any one of claims 10 to 13, wherein the cryptographic operation is a symmetric cryptographic method. [R:\LIBPPIO I965.doc:iad The apparatus according to any one of claimsl0 to 13, wherein the cryptographic operation is an asymmetric cryptographic method.
16. The apparatus according to any one of claims 10 to 15, wherein the commutative operation exhibits the property of associativity.
17. The apparatus according to any one of claims 10 to 16, wherein the digital data are protected such that the data segments are not tied to an order.
18. The apparatus according to any one of claims 10 to 16, wherein the digital data is processed in accordance with a network management protocol.
19. A method for forming a first commutative checksum for digital data which is grouped into a number of digital data segments, said method being substantially as S hereinbefore described with reference to the accompanying drawing. DATED this thirteenth Day of June 2000 Siemens Aktiengesellschaft Patent Attorneys for the Applicant SPRUSON FERGUSON oo [R:\LIBPP]01965.doc:iad
AU70282/98A 1997-04-14 1998-02-25 Method and arrangement for forming and checking a checksum for digital data which are grouped into a number of data segments Ceased AU723002B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE19715486 1997-04-14
DE19715486 1997-04-14
PCT/DE1998/000563 WO1998047264A1 (en) 1997-04-14 1998-02-25 Method and system for producing and checking a hash total for digital data grouped in several data segments

Publications (2)

Publication Number Publication Date
AU7028298A AU7028298A (en) 1998-11-11
AU723002B2 true AU723002B2 (en) 2000-08-17

Family

ID=7826436

Family Applications (1)

Application Number Title Priority Date Filing Date
AU70282/98A Ceased AU723002B2 (en) 1997-04-14 1998-02-25 Method and arrangement for forming and checking a checksum for digital data which are grouped into a number of data segments

Country Status (7)

Country Link
EP (1) EP0976221B1 (en)
JP (1) JP2000513115A (en)
AU (1) AU723002B2 (en)
DE (1) DE59811203D1 (en)
ES (1) ES2219883T3 (en)
ID (1) ID22750A (en)
WO (1) WO1998047264A1 (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7133844B2 (en) * 2002-06-04 2006-11-07 Bottomline Technologies (De) Inc. System and method for producing and verifying secure negotiable instruments
US7089213B2 (en) * 2002-06-04 2006-08-08 Bottomline Technologies System and method for producing and verifying secure negotiable instruments
US7058612B2 (en) * 2002-06-04 2006-06-06 Bottomline Technologies, (De) Inc. System and method for producing and verifying secure negotiable instruments
US20050216737A1 (en) * 2004-03-26 2005-09-29 Sangikyo Corporation Authentication system
US7065650B2 (en) * 2004-05-10 2006-06-20 Aladdin Knowledge Systems Ltd. Method for indicating the integrity of a collection of digital objects
EP1643336A1 (en) * 2004-09-30 2006-04-05 Siemens Aktiengesellschaft Clear product identification
US8204216B2 (en) 2006-10-23 2012-06-19 Alcatel Lucent Processing method for message integrity with tolerance for non-sequential arrival of message data
US8949600B2 (en) * 2006-10-27 2015-02-03 Qualcomm Incorporated Composed message authentication code
EP2087635A4 (en) * 2006-11-21 2017-07-05 Alcatel-Lucent USA Inc. Processing method for message integrity with tolerance for non-sequential arrival of message data
US9880983B2 (en) * 2013-06-04 2018-01-30 X1 Discovery, Inc. Methods and systems for uniquely identifying digital content for eDiscovery
US10346550B1 (en) 2014-08-28 2019-07-09 X1 Discovery, Inc. Methods and systems for searching and indexing virtual environments
JP5802892B1 (en) * 2014-11-12 2015-11-04 オプテックス株式会社 Method for generating message authentication code of communication packet and authentication method
DE102015218373B4 (en) * 2015-09-24 2017-05-04 Siemens Aktiengesellschaft Monitor an integrity of a test record
AT518910B1 (en) * 2016-08-04 2018-10-15 Ait Austrian Inst Tech Gmbh Method for checking the availability and integrity of a distributed data object
WO2018134925A1 (en) * 2017-01-18 2018-07-26 富士通株式会社 Data transmission/reception method, data transmission device, data reception device, data transmission program, data reception program, and data transmission/reception system
EP3737109B1 (en) * 2019-05-08 2024-03-20 Getac Holdings Corporation Verification code generation method, data verification method and electronic device
US11330345B2 (en) 2019-05-09 2022-05-10 Getac Technology Corporation Verification code generation method, data verification method and electronic device

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH06315027A (en) * 1993-04-23 1994-11-08 Internatl Business Mach Corp <Ibm> Method and equipment for data authentication in data communication environment

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0609595B1 (en) * 1993-02-05 1998-08-12 Hewlett-Packard Company Method and apparatus for verifying CRC codes by combination of partial CRC codes
US5475826A (en) * 1993-11-19 1995-12-12 Fischer; Addison M. Method for protecting a volatile file using a single hash

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH06315027A (en) * 1993-04-23 1994-11-08 Internatl Business Mach Corp <Ibm> Method and equipment for data authentication in data communication environment
US5673318A (en) * 1993-04-23 1997-09-30 International Business Machines Corporation Method and apparatus for data authentication in a data communication environment

Also Published As

Publication number Publication date
DE59811203D1 (en) 2004-05-19
ID22750A (en) 1999-12-09
EP0976221A1 (en) 2000-02-02
EP0976221B1 (en) 2004-04-14
WO1998047264A1 (en) 1998-10-22
ES2219883T3 (en) 2004-12-01
AU7028298A (en) 1998-11-11
JP2000513115A (en) 2000-10-03

Similar Documents

Publication Publication Date Title
AU723002B2 (en) Method and arrangement for forming and checking a checksum for digital data which are grouped into a number of data segments
Preneel et al. On the security of iterated message authentication codes
US10862670B2 (en) Automotive nonce-misuse-resistant authenticated encryption
EP1421461B1 (en) Space-efficient, Side-channel Attack Resistant Table Lookups
US9009839B2 (en) Method and device for protecting the integrity of data transmitted over a network
US9252945B2 (en) Method for recognizing a manipulation of a sensor and/or sensor data of the sensor
EP0953244B1 (en) Constructing symmetric ciphers using the cast design procedure
Canteaut et al. Degree of composition of highly nonlinear functions and applications to higher order differential cryptanalysis
US8787563B2 (en) Data converter, data conversion method and program
EP2367316B1 (en) Method and circuitry for detecting a fault attack
CN114844728B (en) Serialized data secure communication method and big data platform
CN111211888A (en) Data sending method, data receiving method, sending end and receiving end
US10009357B2 (en) Data frame for protected data transmissions
US20230141210A1 (en) Neural networks
CN106936563B (en) Method and system for protecting cryptographic operations
CN110995415A (en) Encryption algorithm based on MD5 algorithm
CN102946315B (en) A kind of method and system adopting packet mode to construct MAC code
US8122247B2 (en) Processing method for message integrity with tolerance for non-sequential arrival of message data
EP1615370B1 (en) Authentication of short messages
Biryukov et al. Cryptanalysis of the “kindle” cipher
Ansari et al. IntelliCAN: Attack-resilient controller area network (CAN) for secure automobiles
WO2001084772A2 (en) Generation of keyed integer permutations for message authentication codes
CN113949561B (en) Inter-station secure communication method, device and medium of secure controller
EP3396896A1 (en) Efficient calculation of message authentication codes for related data
CN115484082A (en) Data transmission method, data transmission device and server

Legal Events

Date Code Title Description
FGA Letters patent sealed or granted (standard patent)