Digital data authentication

摘要

A method for protecting a digital document and user data typed into a digital document is presented. The method comprises computation of an authentication tag when the document is sent from a server. A similar authentication tag is computed when the document is shown on a client. When another document referenced in the document is requested by the client from the server, the authentication tag computed by the client is attached to the request for that other document. The server receiving the request compares the authentication tag it computed with the one it received to verify if the request came from an authentic copy of the document. The method is suitable for protection of online banking, online investment, online shopping, and other electronic applications.

主权项

1. A method of verifying if a request for a second digital document originates from a reference within an authentic copy of a first digital document, the method comprising:
a first computer sends the first digital document to a second computer via a computer network; the second computer receives a possibly tampered version of the first digital document via the computer network; the first computer computes a first authentication tag on at least a part of the first digital document; the second computer computes a second authentication tag on at least a part of the possibly tampered version of the first digital document; the second computer sends the request for the second digital document referenced in the possibly tampered version of the first digital document to the first computer via the computer network, the request including the second authentication tag; the first computer receives a possibly tampered version of the request and deducts the second authentication tag; the first computer considers the possibly tampered version of the request as originating from an authentic copy of the first digital document if the second authentication tag is equal to the first authentication tag; and the first computer causes the second document to be sent to the second computer only if the second authentication tag is equal to the first authentication tag.