Abstract: A method of establishing a secure channel between a human user and a computer application is described. A secret unique identifier (“PIN”) is shared between a user and an application. When the user makes a request that involves utilizing the PIN for authentication purposes, the application renders a randomly selected identifier. The randomly selected identifier is in a format that is recognizable to a human but is not readily recognizable by an automated agent. The randomly selected identifier is then presented to the human user. The user identifies the relationship between the randomly selected identifier and the PIN. If the user's input reflects the fact that the user knows the PIN, then the user is authenticated.

Abstract: A method for proving the validity of a record digitally signed by a user having a digital certificate issued by a certification authority within a hierarchy of certification authorities. The user signs the record, and obtains the digital certificates and certificate revocation information for all the certification authorities in the chain of the hierarchy extending from the user to the root certification authority. A timestamp is applied to the record, the digital certificates and the certificate revocation information to establish a point in time in which all items were created, current and valid. If, at some later point, one or more of the digital certificates either expire or are revoked, the timestamp serves as evidence of the integrity of the signed record.

Abstract: A method of establishing a secure channel between a human user and a computer application is described. A secret unique identifier (“PIN”) is shared between a user and an application. When the user makes a request that involves utilizing the PIN for authentication purposes, the application renders a randomly selected identifier. The randomly selected identifier is in a format that is recognizable to a human but is not readily recognizable by an automated agent. The randomly selected identifier is then presented to the human user. The user identifies the relationship between the randomly selected identifier and the PIN. If the user's input reflects the fact that the user knows the PIN, then the user is authenticated.

Abstract: A process for time-stamping a digital document is provided. The process provides a certificate which not only allows for the authentication of a document at a later time but which includes a name or nickname which allows for the unique identification of the document at a later time. The name or nickname provided in accordance with the present invention is not only simple and concise but allows for the self-authentication of the document which it refers to. The name can be used when two independent parties desire to refer to the same unique document in a quick and simple way.

Abstract: A cryptographic certificate attesting to the authenticity of original document elements, such as time of creation, content, or source, will lose its value when the cryptographic function underlying the certifying scheme is compromised. The present invention provides a means for extending the reliability of such a certificate by subjecting, prior to any such compromise, a combination of the original certificate and the document digital representation from which that certificate was derived to a scheme based on a different and ostensibly less vulnerable function. The new certificate resulting from this procedure extends the validity of the original authenticity by implacably incorporating the original certificate at a time when that certificate could only have been derived by legitimate means.

Abstract: A system for time-stamping a digital document, including for example text, video, audio, or pictorial data, protects the secrecy of the document text and provides a tamper-proof time seal establishing an author's claim to the temporal existence of the document. Initially, the author reduces the document to a number by means of a one-way hash function, thereby fixing a unique representation of the document text. In one embodiment of the invention the number is then transmitted to an outside agency where the current time is added to form a receipt which is certified by the agency using a public key signature procedure before being returned to the author as evidence of the document's existence. In later proof of such existence, the certificate is authenticated by means of the agency's public key to reveal the receipt which comprises the hash of the alleged document along with the time seal that only the agency could have signed into the certificate.

Abstract: A system for time-stamping a digital document, for example any alphanumeric, video, audio, or pictorial data, protects the secrecy of the document text and provides a tamper-proof time seal establishing an author's claim to the temporal existence of the document. Initially, the document may be condensed to a single number by means of a one-way hash function, thereby fixing a unique representation of the document text. The document representation is transmitted to an outside agency where the current time is added to form a receipt. The agency then certifies the receipt by adding and hashing the receipt data with the current record catenate certificate which itself is a number obtained as a result of the sequential hashing of each prior receipt with the extant catenate certificate. The certified receipt bearing the time data and the catenate certificate number is then returned to the author as evidence of the document's existence.

Abstract: A system for time-stamping a digital document, including for example text, video, audio, or pictorial data, protects the secrecy of the document text and provides a tamper-proof time seal establishing an author's claim to the temporal existence of the document. Initially, the author reduces the document to a number by means of a one-way hash function, thereby fitting a unique representation of the document text. In one embodiment of the invention the number is then transmitted to an outside agency where the current time is added to form a receipt which is certified by the agency using a public key signature procedure before being returned to the author as evidence of the document's existence. In later proof of such existence, the certificate is authenticated by means of the agency's public key to reveal the receipt which comprises the hash of the alleged document along with the time seal that only the agency could have signed into the certificate.