Method and apparatus incorporating a one-way sequence for transaction

Abstract

A method and apparatus for verifying both the content of a transaction and the identity of the parties thereto. The system includes a plurality of terminals connected together over a common communication channel wherein a given pair of users located at different terminals on the system have exchanged a contract comprising a plurality of reference signatures each of which constitutes the final member of a one-way keyed signature sequence and each of which is a one-way function of each user's secret encryption key (K.sub.x) and a number (NUM) known to both parties. Each terminal connected to the system includes means for generating a multidigit ranking vector which is a cryptographic function of the entire message (DATA) tobe transmitted. Further means are provided for forming as many signature elements as there are digits in said ranking vector, the particular signature element being an intermediate member of a predetermined one-way keyed signature sequence specified by an associated digit of the ranking vector. Additional means are provided for initiating the generation of a separate keyed signature sequence to derive each signature element beginning with a starting element which requires that user's secret encryption key (K.sub.x) and the number (NUM) and continuing the generation of successive members of the one-way keyed signature sequence until the particular signature sequence element (KSS.sub..rho.) which was specified by the associated ranking vector digit (.rho.) is obtained. When the appropriate sequence of one-way keyed signature sequence elements has been generated as specified by the ranking vector, this sequence of signature elements is appended onto the original message (DATA) and transmitted to a receiver. Means are provided in each terminal which are activated upon receipt of an appropriately signed message for another terminal for deriving a ranking vector from the received message which again is the same function of the message (DATA) received and a cryptographic function known to both parties. Circuitry is provided, upon the determination of the ranking vector for generating successor one-way keyed signature sequence reference elements from each received signature element based solely upon the knowledge of said element as received and the ranking vector. This process is continued until all reference elements have been derived from the received signature at which point the reference elements so derived are compared with the reference elements previously exchanged between the parties and designated for use for this particular transaction. If the elements match, the identity of the user is unequivocally verified and the contents of the message are guaranteed.