Digital Security

Digital Authentication

The Pen2Net server-based system allows an encrypted “digital signature” based on key-escrow cryptography techniques. A unique identifier ID embedded in Compupen’s EEPROM, generated with the pen at first power-on, and resettable at the factory, acts as the user’s private key. Every digital authentication-subscribed user transmits information to Pen2Net servers via an encrypted channel, as well as encrypting the information with his/her private key. Pen2Net acts as as a verification server, providing public user keys for decryption of private-key encrypted material. The nature of public/private-key cryptography precludes decryption of a private-key-encoded message with anything but the user’s true public key. The verification services to the receiving party provided by Pen2Net in essence ensure true “digital signature” applications.

A Subscription-Based Approach to Authentication

The pricing for digital authentication has not yet been established. Digital authentication services can also be coupled with time-stamping services for applications in MediPen and SciPen. By using a strong 1024-bit RSA encryption scheme in the Bluetooth host software (equivalent to UNIX /SSH2 and Verisign, Inc. Digital Server Certificates), the Pen2Net ASP assures virtually unbreakable data security as well as verifyable pen-authorship.

Digital Timestamps

Pen2Net’s timestamping services are packaged with Pen2Net’s Authentication services and give an objective, authenticated time stamp to all documents written with Pen2Net machines. The applications envisioned include

Intellectual Property ambiguity elimination,
customer registration or client registration services with time-stamp capabilities,
voting applications, and
scientific research verification.

Any written application where time-sensitivity is of the essence benefits from the precise stamps available with Pen2Net services.