KEY EXCHANGE BASED ON DSA TYPE CERTIFICATES

US 20040117626A1
Filed: 09/12/2003
Published: 06/17/2004
Est. Priority Date: 09/12/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method for generating a shared key comprising:

providing a first certificate from a first peer to a second peer, the first certificate including a plurality of first parameters;

performing a first exponentiation operation to generate a first public key from the second peer using at least one parameter of the plurality of first parameters and a first private key from the second peer;

providing a second certificate and the first public key from the second peer to the first peer, the second certificate comprising a plurality of second parameters;

performing a second exponentiation operation to generate a shared secret key for the second peer using at least one parameter from the plurality of first parameters;

performing a third exponentiation operation to generate the shared secret key for the first peer using the first public key from the second peer and a private key from the first peer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A first certificate is provided from a first peer to a second peer. The first certificate includes a plurality of first parameters. A first exponentiation operation is performed to generate a first public key from the second peer using the plurality of first parameters and the first private key from the second peer. A second certificate and the first public key from the second peer are provided to the first peer. The second certificate comprises a plurality of second parameters. A second exponentiation operation is performed to generate a shared secret key for the second peer using at least one parameter from the plurality of first parameters. A third exponentiation operation is performed to generate the shared secret key for the first peer using the first public key from the second peer and a private key from the first peer.

38 Citations

View as Search Results

32 Claims

1. A method for generating a shared key comprising:
- providing a first certificate from a first peer to a second peer, the first certificate including a plurality of first parameters;
  
  performing a first exponentiation operation to generate a first public key from the second peer using at least one parameter of the plurality of first parameters and a first private key from the second peer;
  
  providing a second certificate and the first public key from the second peer to the first peer, the second certificate comprising a plurality of second parameters;
  
  performing a second exponentiation operation to generate a shared secret key for the second peer using at least one parameter from the plurality of first parameters;
  
  performing a third exponentiation operation to generate the shared secret key for the first peer using the first public key from the second peer and a private key from the first peer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1 wherein the first certificate is a DSA type certificate.
  - 3. The method according to claim 2 wherein the first and second parameters comprise a prime number p_dss, a prime number q_dssa generator g_dssand a public key for the first and second peers, respectively.
  - 4. The method according to claim 3 wherein the first exponentiation operation to generate the first public key is Y_R=g_dss{circumflex over (
    - )}X_Rmod p_dsswhere X_Ris a one-time private key from the second peer.
  - 5. The method according to claim 4 wherein the second exponentiation operation to generate the shared secret key for the second peer is Y_SSK=Y_Adss{circumflex over (
    - )}X_Rmod p_dsswhere Y_Adssis a DSS public key from certificate of peer A.
  - 6. The method according to claim 5 wherein Y_Adss=g_dss{circumflex over (
    - )}X_Adssmod p_dsswhere X_Adssis a DSS private key from certificate of peer A.
  - 7. The method according to claim 5 wherein the third exponentiation operation to generate the shared secret key for the first peer is Y_SSK=YR{circumflex over (
    - )}X_Adssmod p_dsswhere X_Adssis a DSS private key from certificate of peer A.
  - 8. The method according to claim 1 wherein the first and second certificates are sent to the second and first peers, respectively, over a wireless network.

9. An article of manufacture comprising:
- a machine accessible medium including data that, when accessed by a machine, causes the machine to perform operations comprising;
  
  providing a first certificate from a first peer to a second peer, the first certificate including a plurality of first parameters;
  
  performing a first exponentiation operation to generate a first public key from the second peer using the plurality of first parameters and the first private key from the second peer;
  
  providing a second certificate and the first public key from the second peer to the first peer, the second certificate comprising a plurality of second parameters;
  
  performing a second exponentiation operation to generate a shared secret key for the second peer using at least one parameter from the plurality of first parameters;
  
  performing a third exponentiation operation to generate the shared secret key for the first peer using the first public key from the second peer and a private key from the first peer.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The article of manufacture according to claim 9 wherein the first certificate is a DSA type certificate.
  - 11. The article of manufacture according to claim 10 wherein the first and second parameters comprise a prime number p_dss, a prime number q_dss, a generator g_dssand a public key for the first and second peers, respectively.
  - 12. The article of manufacture according to claim 11 wherein the first exponentiation operation to generate the first public key is Y_R=g_dss{circumflex over (
    - )}XR mod p_dsswhere X_Ris a one-time private key from the second peer.
  - 13. The article of manufacture according to claim 12 wherein the second exponentiation operation to generate the shared secret key for the second peer is Y_SSK=Y_Adss{circumflex over (
    - )}X_Rmod p_dsswhere Y_Adssis a DSS public key from certificate of peer A.
  - 14. The article of manufacture according to claim 13 wherein Y_Adss=g_dss{circumflex over (
    - )}X_Adssmod p_dsswhere X_Adssis a DSS private key from certificate of peer A.
  - 15. The article of manufacture according to claim 13 wherein the third exponentiation operation to generate the shared secret key for the first peer is Y_SSK=Y_R{circumflex over (
    - )}X_Adssmod p_dsswhere X_Adssis a DSS private key from certificate of peer A.
  - 16. The article of manufacture according to claim 9 wherein the first and second certificates are sent to the second and first peers, respectively, over a wireless network.

17. A system comprising:
- a processor; and
  
  a memory coupled to the processor, the memory containing program code that, when executed by the processor, causes the processor to;
  
  provide a first certificate from a first peer to a second peer, the first certificate including a plurality of first parameters;
  
  perform a first exponentiation operation to generate a first public key from the second peer using the plurality of first parameters and the first private key from the second peer;
  
  provide a second certificate and the first public key from the second peer to the first peer;
  
  the second certificate comprising a plurality of second parameters;
  
  perform a second exponentiation operation to generate a shared secret key for the second peer using at least one parameter from the plurality of first parameters;
  
  performing a third exponentiation operation to generate the shared secret key for the first peer using the first public key from the second peer and a private key from the first peer.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The system according to claim 17 wherein the first certificate is a DSA type certificate.
  - 19. The system according to claim 18 wherein the first and second parameters comprise a prime number p_dss, a prime number q_dss, a generator g_dssand a public key for the first and second peers, respectively.
  - 20. The system according to claim 19 wherein the first exponentiation operation to generate the first public key is Y_R=g_dss{circumflex over (
    - )}X_Rmod p_dsswhere X_Ris a one-time private key from the second peer.
  - 21. The system according to claim 20 wherein the second exponentiation operation to generate the shared secret key for the second peer is Y_SSK=Y_dss{circumflex over (
    - )}X_Rmod p_dsswhere Y_Adssis a DSS public key from certificate of peer A.
  - 22. The system according to claim 21 wherein Y_Adss=g_dss{circumflex over (
    - )}X_Adsswhere X_Adssis a DSS private key from certificate of peer A.
  - 23. The system according to claim 21 wherein the third exponentiation operation to generate the shared secret key for the first peer is Y_SSK=YR{circumflex over (
    - )}X_Adssmod p_dsswhere X_Adssis a DSS private key from certificate of peer A.
  - 24. The system according to claim 17 wherein the first and second certificates are sent to the second and first peers, respectively, over a wireless network.

25. A method comprising:
- receiving a first certificate including a plurality first parameters;
  
  performing a first exponentiation operation to generate a first public key using at least one parameter of the plurality of first parameters and a first private key;
  
  receiving a second certificate and the first public key, the second certificate including a plurality of second parameters;
  
  performing a second exponentiation operation to generate a first shared secret key using at least one parameter from the plurality of first parameters;
  
  performing a third exponentiation operation to generate a second shared secret key using the first public key and a private key.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
- - 26. The method according to claim 25 wherein the first certificate is a DSA type certificate.
  - 27. The method according to claim 26 wherein the first and second parameters each comprises a prime number p_dss, a prime number q_dss, a generator g_dssand a public key.
  - 28. The method according to claim 27 wherein the first exponentiation operation to generate the first public key is Y_R=g_dss{circumflex over (
    - )}X_Rmod P_dsswhere X_Ris a one-time private key.
  - 29. The method according to claim 28 wherein the second exponentiation operation to generate the first shared secret key for the second peer is Y_SSK=Y_Adss{circumflex over (
    - )}X_Rmod p_dsswhere Y_Adssis a DSS public key.
  - 30. The method according to claim 29 wherein Y_Adss=g_dss{circumflex over (
    - )}X_Adssmod p_dsswhere X_Adssis a DSS private key.
  - 31. The method according to claim 29 wherein the third exponentiation operation to generate a second shared secret key is Y_SSK=Y_R{circumflex over (
    - )}X_Adssmod p_dsswhere X_Adssis a DSS private key.
  - 32. The method according to claim 25 wherein the first and second certificates are sent to the second and first peers, respectively, over a wireless network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pioneer Research Center USA Incorporated (Pioneer Corporation)
Original Assignee
Pioneer Research Center USA Incorporated (Pioneer Corporation)
Inventors
ANDREASYAN, ASHOT

Application Number

US10/605,173
Publication Number

US 20040117626A1
Time in Patent Office

Days
Field of Search
US Class Current

713/175
CPC Class Codes

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/0844   with user authentication or...

H04L 9/3263   involving certificates, e.g...

KEY EXCHANGE BASED ON DSA TYPE CERTIFICATES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

38 Citations

32 Claims

Specification

Use Cases

Quick Links

Others

KEY EXCHANGE BASED ON DSA TYPE CERTIFICATES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

32 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others