Platform and method for establishing provable identities while maintaining privacy
0 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a method for utilizing a pseudonym to protect the identity of a platform and its user is described. The method comprises producing a pseudonym that includes a public pseudonym key. The public pseudonym key is placed in a certificate template. Hash operations are performed on the certificate template to produce a certificate hash value, which is transformed from the platform. Thereafter, a signed result is returned to the platform. The signed result is a digital signature for the transformed certificate hash value. Upon performing an inverse transformation of the signed result, a digital signature of the certificate hash value is recovered. This digital signature may be used for data integrity checks for subsequent communications using the pseudonym.
109 Citations
40 Claims
-
1-20. -20. (canceled)
-
21. A method comprising:
-
producing a pseudonym including a public pseudonym key within a first platform;
placing the public pseudonym key into a certificate template;
performing a hash operation on the certificate template to produce a certificate hash value;
performing a transformation on the certificate hash value to create a blinded certificate hash value;
creating a certificate request including the blinded certificate hash value;
digitally signing the certification request with a private key of the first platform to produce a signed certification request; and
transferring the signed certificate request with a device certificate including a public key of the first platform. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
-
-
29. A platform comprising:
-
a transceiver; and
a device in communication with the transceiver, the device including a persistent memory to contain a permanent key pair, at least one pseudonym generated internally within the device and a digital signature of a hash value of a digital certificate chain that includes a public pseudonym key of the at least one pseudonym. - View Dependent Claims (30, 31, 32, 33)
-
-
34. A method comprising:
-
producing a pseudonym within a first platform, the pseudonym representing a persistent identity of the first platform so long as the user chooses to retain the pseudonym;
performing a hash operation on a certificate template including pseudonym to produce a certificate hash value;
performing a transformation on a certificate hash value to create a blinded certificate hash value by multiplying the certificate hash value, being a hash value of information including the pseudonym, by a pseudo-random number generated within and maintained by the first platform; and
transmitting the pseudonym in an obfuscated format to a second platform. - View Dependent Claims (35, 36, 37, 38, 39, 40)
-
Specification