TIME-BASED DIGITAL SIGNATURE

Abstract

A method includes receiving an event, the event associated with a digital signature in a first time-based message comprising a first trusted time stamp token generated using a first hash of digitally signed content from a trusted timing authority; generating a first block on a distributed ledger; generating a second hash of the first trusted time stamp token; receiving a second trusted time stamp token from the trusted timing authority in response to transmitting the second hash to the trusted timing authority; and generating a second block on the distributed ledger; wherein verification of data integrity of the digitally signed content is provided via the first hash of the digitally signed content and second hash of the first trusted time stamp token and via the hash of the first block and a hash of the second block.

Description

Claims

1. A method, comprising: generating a first block on a distributed ledger, the first block comprising a first time stamp token (TST) generated using a first hash of digitally signed content;receiving a second TST based on a second hash of the first TST; andgenerating a second block on the distributed ledger, the second block comprising the second TST, wherein verification of data integrity of the digitally signed content is provided at least via the first hash and the second hash.

2. The method of claim 1, comprising: generating a first time-based digital signature message using the first TST and the digitally signed content; andgenerating a second time-based digital signature message using the second TST.

3. The method of claim 2, wherein the first time-based message comprises an identifier of a digest algorithm used to generate the first hash.

4. The method of claim 2, wherein the first time-based message contains the hash of the first block and the hash of the second block.

5. The method of claim 2, wherein the first time-based message comprises a signed attribute bound to the digitally signed content, a certificate issuer, and a certificate identifier.

6. The method of claim 1, wherein the digitally signed content is signed first a first signature, and the method further comprises adding a second signature to the first TST using the second TST.

7. The method of claim 6, comprising generating a second time-based digital signature message using the second signature and a hash of the first TST.

8. A system, comprising: a memory; anda processor configured to: generate a first block on a distributed ledger, the first block comprising a first time stamp token (TST) generated using a first hash of digitally signed content;receive a second TST based on a second hash of the first TST; and generate a second block on the distributed ledger, the second block comprising the second TST, wherein verification of data integrity of the digitally signed content is provided at least via the first hash and the second hash.

9. The system of claim 8, wherein the processor is further configured to: generate a first time-based digital signature message using the first TST and the digitally signed content; andgenerate a second time-based digital signature message using the second TST.

10. The system of claim 9, wherein the first time-based message comprises an identifier of a digest algorithm used to generate the first hash.

11. The system of claim 9, wherein the first time-based message contains the hash of the first block and the hash of the second block.

12. The system of claim 8, wherein the first time-based message comprises a signed attribute bound to the digitally signed content, a certificate issuer, and a certificate identifier.

13. The system of claim 8, wherein the digitally signed content is signed first a first signature, and the method further comprises adding a second signature to the first TST using the second TST.

14. The system of claim 13, wherein the processor is further configured to generate a second time-based digital signature message using the second signature and a hash of the first TST.

15. A non-transitory computer-readable medium comprising computer-readable instructions, such that, when executed, causes a processor of a computer to: generate a first block on a distributed ledger, the first block comprising a first time stamp token (TST) generated using a first hash of digitally signed content;receive a second TST based on a second hash of the first TST; andgenerate a second block on the distributed ledger, the second block comprising the second TST, wherein verification of data integrity of the digitally signed content is provided at least via the first hash and the second hash.

16. The non-transitory computer-readable medium of claim 15, wherein the computer is further configured to: generate a first time-based digital signature message using the first TST and the digitally signed content; andgenerate a second time-based digital signature message using the second TST.

17. The non-transitory computer-readable medium of claim 16, wherein the first time-based message comprises an identifier of a digest algorithm used to generate the first hash.

18. The non-transitory computer-readable medium of claim 16, wherein the first time-based message contains the hash of the first block and the hash of the second block.

19. The non-transitory computer-readable medium of claim 15, wherein the first time-based message comprises a signed attribute bound to the digitally signed content, a certificate issuer, and a certificate identifier.

20. The non-transitory computer-readable medium of claim 15, wherein the digitally signed content is signed first a first signature, and the method further comprises adding a second signature to the first TST using the second TST.