Abstract: A distributed hash tree-based authentication system for digital input records has more than one upper-level core node, each of which receives at least one uppermost value from aggregators. Communicating with each other about which aggregator values they have received, the nodes try to reach agreement as to which of these values should be included in duplicated current intra-node hash tree evaluations so as to form a consistent top-level value used as the basis for digital signatures associated with the digital input records.

Abstract: Location data from one or more geolocation engines such as GPS, a system that determines location from relative signal strengths or transit times, etc., within and/or connected to a device, such as a mobile phone, vehicle, movable electronic device, computer, etc., is included in a digital record that submitted to obtain a digital signature such that the presence of the device at the particular location can later be proven. The digital record may include data that encodes a message, as well as other parameters such as time. The digital signature may include recomputation parameters for recomputing a verifying calendar value, formed by a keyless, hash tree-based signing infrastructure as an uppermost hash value in a calendar period.

Abstract: Occurrence of an event is detected within a device such as a computer, a communications device, a machine or process component. A non-deterministic time value (NDT) is requested for and associated with the detected event. Each NDT value is generated as a function of a calendar value created at time intervals as a root hash value of a distributed, hash-tree document authentication infrastructure.

Abstract: A code is added as a marking to a document and encodes an identifier that maps to a copy of the document stored in a database. Database copies of stored documents are preferably digitally signed. Using a device such as a smart phone, a user may extract the document identifier from the marking on a purported authentic version of the document and retrieve a copy of the document from the corresponding location in the database. The user can then visually compare the purported authentic version of the document with the retrieved database copy.

Abstract: A client system is configured to obtain signatures for digital input records. An application program interface reformats each digital record, and this is used as an argument to a cryptographic hash function, from which a signature request is formed. The signature request is then submitted to a keyless, distributed hash tree infrastructure system, which returns a signature that includes recomputation values enabling recomputation from the result of the cryptographic hash function upward through the hash tree infrastructure to a root hash value at a calendar period corresponding to a time during which the signature request was originally submitted. An arbitrary subsequent test digital record is considered authenticated if, applying the cryptographic hash function to it, along with any other parameters included in the original computation, and recomputing an uppermost value using the recomputation values, the same composite calendar value is attained as when it was originally computed.

Abstract: A non-deterministic time value (NDT) is generated as a function of a calendar value created at time intervals as a root hash value of a distributed, hash-tree document authentication infrastructure. A clock displays the NDT value, which it may derive from a sub-set of the calendar value, and presents the NDT to a user in either visual or audible form, or both. may be presented to is presented may also be generated simply for display by a clock, for example as an NDT time zone.

Abstract: A capture device such as a camera and/or sound recorder records an event, which includes a visual and/or audible presentation of a time value that is non-deterministic, yet a function of physical time. The non-deterministic time value (NDT) may be generated as a function of a calendar value created at time intervals as a root hash value of a distributed, hash-tree document authentication infrastructure. If the NDT value included in the recording of the event does not match the NDT value corresponding to the calendar value from which it was generated, the recording may be assumed to be altered. Digital time-stamping may be included for the recording of the event to reduce the opportunity for back-dating of the recording. NDT may also be generated simply for display by a clock, for example as an NDT time zone.

Abstract: Transformations of digital records are used as lowest level inputs to a tree data structure having a root in a core system and having nodes computed as digital combinations of child node values. Signature vectors are associated with the digital records and have parameters that enable recomputation upward through the tree data structure to either a current calendar value or onward to a composite calendar value that is a function of calendar values in a calendar, which comprises a set of computed calendar values, such that the calendar values have a time correspondence. Recomputation yields the same value only if a candidate digital record is an exact version of the original digital record included in the original computation of the value, indicating authentication of the candidate digital record. The authentication process as such is independent of any trust authority that issues cryptographic keys.

Abstract: A capture device such as a camera and/or sound recorder records an event, which includes a visual and/or audible presentation of a time value that is non-deterministic, yet a function of physical time. The non-deterministic time value (NDT) may be generated as a function of a calendar value created at time intervals as a root hash value of a distributed, hash-tree document authentication infrastructure. If the NDT value included in the recording of the event does not match the NDT value corresponding to the calendar value from which it was generated, the recording may be assumed to be altered. Digital time-stamping may be included for the recording of the event to reduce the opportunity for back-dating of the recording. NDT may also be generated simply for display by a clock, for example as an NDT time zone.

Abstract: A code is added as a marking to a document and encodes an identifier that maps to a copy of the document stored in a database. Database copies of stored documents are preferably digitally signed. Using a device such as a smart phone, a user may extract the document identifier from the marking on a purported authentic version of the document and retrieve a copy of the document from the corresponding location in the database. The user can then visually compare the purported authentic version of the document with the retrieved database copy.

Abstract: At least one node in a distributed hash tree document verification infrastructure is augmented with an identifier of an entity in a registration path. A data signature, which includes parameters for recomputation of a verifying value, and which is associated with a digital input record, will therefore also include data that identifies at least one entity in the hash tree path used for its initial registration in the infrastructure.

Abstract: Transformations of digital records are used as lowest level inputs to a tree data structure having a root in a core system and having nodes computed as digital combinations of child node values. Signature vectors are associated with the digital records and have parameters that enable recomputation upward through the tree data structure to either a current calendar value or onward to a composite calendar value that is a function of calendar values in a calendar, which comprises a set of computed calendar values, such that the calendar values have a time correspondence. Recomputation yields the same value only if a candidate digital record is an exact version of the original digital record included in the original computation of the value, indicating authentication of the candidate digital record. The authentication process as such is independent of any trust authority that issues cryptographic keys.

Abstract: An authentication system for digital records has a hash tree structure that computes an uppermost, root hash value that may be digitally signed. A random or pseudo-random number is hashed together with hash values of the digital records and acts as a blinding mask, making the authentication system secure even for relative low-entropy digital records. A candidate digital record is considered verified if, upon recomputation through the hash tree structure given sibling hash values in the recomputation path and the pseudo-random number, the same root hash value is computed.

Abstract: A system and method for generating a digital certificate is provided wherein a new digital record is received and is assigned a sequence value. A first composite digital value is generated by applying a first deterministic function to the digital records stored in a repository. The sequence value and first composite digital value are included in a first certificate. After the digital record is added to the repository, a second composite digital value is generated by applying a second deterministic function to the digital records in the repository. This second composite digital value, and a composite sequence value, are published. An interval digital value which is based upon the first and second composite digital values, and the sequence value, are included in a second certificate which thus verifies the authenticity and sequence value of the digital record.

Abstract: A method of generating a keyless digital multi-signature is provided. The method includes receiving multiple signature generation requests from one or more client computers, building subtrees based on the signature generation requests, and constructing a search tree including the subtrees. The method also includes assigning explicit length tags to leaf nodes of the search tree to balance the search tree and applying a hash function to each of the search tree nodes. The root hash value and the height of the search tree make up a generated aggregate signature request, followed by receiving an aggregate signature based on the aggregate signature request. The keyless digital multi-signature is generated based on the aggregate signature and contains an implicit length tag to verify that the number of signature generation requests is limited. The aggregate signature is generated if the height of the search tree does not exceed a predetermined height limitation.

Abstract: A system and method for generating a digital certificate is provided wherein a new digital record is received and is assigned a sequence value. A first composite digital value is generated by applying a first deterministic function to the digital records stored in a repository. The sequence value and first composite digital value are included in a first certificate. After the digital record is added to the repository, a second composite digital value is generated by applying a second deterministic function to the digital records in the repository. This second composite digital value, and a composite sequence value, are published. An interval digital value which is based upon the first and second composite digital values, and the sequence value, are included in a second certificate which thus verifies the authenticity and sequence value of the digital record.