Malleable pseudonym certificate system and method
First Claim
1. A computing apparatus for a user to certify a data in a communication network, said networking including a trusted entity and at least one verifier, said computing apparatus comprising:
- a root proof unit, operatively coupled to said network, said root proof unit being adapted to receive a root proof from said trusted entity;
a pseudonym certificate generating unit, operatively coupled to said root proof unit, said pseudonym certificate generating unit being adapted to generate at least one pseudonym certificate based on said root proof; and
a transmission unit, operatively coupled to said pseudonym certification generating unit, said transmission unit being adapted to transmit said user'"'"'s data, coupled with said pseudonym certificate, to said communication network.
2 Assignments
0 Petitions
Accused Products
Abstract
The invention provides a malleable pseudonym certificate system and method for a communication network. According to one embodiment of the invention, a user acquires a root proof from a trusted entity, generates one or more pseudonym certificates based on the root proof, and sends anonymous public keys each equipped with one pseudonym certificate to verifiers. Through use of the pseudonym certificate, the verifier believes that the user'"'"'s anonymous public key is certified by the trusted entity. The pseudonym certificate contains no information by which the verifier can figure out the real identity of the user. With the malleable pseudonym certificate system, the trusted entity needs only certify once for the user'"'"'s root public key. The user can generate by him or herself mass anonymous public keys where each anonymous public key is equipped with a distinct pseudonym certificate.
-
Citations
58 Claims
-
1. A computing apparatus for a user to certify a data in a communication network, said networking including a trusted entity and at least one verifier, said computing apparatus comprising:
-
a root proof unit, operatively coupled to said network, said root proof unit being adapted to receive a root proof from said trusted entity;
a pseudonym certificate generating unit, operatively coupled to said root proof unit, said pseudonym certificate generating unit being adapted to generate at least one pseudonym certificate based on said root proof; and
a transmission unit, operatively coupled to said pseudonym certification generating unit, said transmission unit being adapted to transmit said user'"'"'s data, coupled with said pseudonym certificate, to said communication network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for a user to certify a data in a communication network, said networking including a trusted entity and at least one verifier, said method comprising:
-
receiving a root proof from said trusted entity;
generating at least one pseudonym certificate based on said root proof; and
transmitting said user'"'"'s data coupled with one pseudonym certificate to one verifier. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. An apparatus for managing certificates in a communication network, said networking
including at least one user and at least one verifier, said apparatus comprising: -
a system parameter computing unit being adapted to compute system parameters;
a parameter publishing unit, operatively coupled to said system parameter computing unit, said parameter publishing unit being adapted to publish shared system parameters which are to be shared by said user and verifier;
a root proof request receiving unit, operatively coupled to said network, said root proof request receiving unit being adapted to receive a root proof request from said user; and
a root proof generating unit, operatively coupled to said root proof request receiving unit and said system parameter computing unit, said root proof generating unit being adapted to generate a root proof for said user in response to said root proof request, said root proof being used for the user to generate a plurality of pseudonym certificates. - View Dependent Claims (22, 23, 24, 25, 26)
-
-
27. A method for managing certificates in a communication network, said networking including at least one user and at least one verifier, said method comprising:
-
computing system parameters;
publishing shared system parameters, which are to be shared by said user and verifier;
receiving a root proof request from said user; and
generating a root proof for said user in response to said root proof request, said root proof being used for the user to generate a plurality of pseudonym certificates. - View Dependent Claims (28, 29, 30, 31, 32)
-
-
33. A malleable pseudonym certificate system for a user in a communication network, said networking including a trusted entity, said system comprising:
-
a root proof unit, operatively coupled to said network, said root proof unit being adapted to receive a root proof from said trusted entity;
a pseudonym certification generating unit, operatively coupled to said root proof unit, said pseudonym certification generating unit being adapted to generate at least one pseudonym certificate based on said root proof;
a transmission unit, operatively coupled to said pseudonym certification generating unit, said transmission unit being adapted to transmit said user'"'"'s data, coupled with said pseudonym certificate, to said communication network; and
a verifier unit, operatively coupled to said communication network, said verifier unit being adapted to verify said user'"'"'s data by the pseudonym certificate received. - View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
-
-
44. A method of certifying a user'"'"'s data by a pseudonym certificate in a communication network, said networking including a trusted entity and at least one verifier, comprising:
-
issuing a root proof from said trusted entity to said user;
generating at least one pseudonym certificate based on said root proof by the user; and
transmitting said user'"'"'s data coupled with one pseudonym certificate to one verifier, said verifier verifying said user'"'"'s data by said pseudonym certificate. - View Dependent Claims (45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
-
-
55. A manufacturing article having a machine readable medium with instructions recorded thereon which, when executed by one or more processors, causes the processors to:
-
receive a root proof from a trusted entity;
generate at least one pseudonym certificates from said root proof; and
transmit a data, coupled with one of said pseudonym certificates, to a verifier. - View Dependent Claims (56)
-
-
57. A manufacturing article having a machine readable medium with instructions recorded thereon which, when executed by a processor, cause the processor to:
-
compute system parameters;
publish shared parameters, which are to be shared by all users of a network;
receive a root proof request from one of said users of the network; and
generate a root proof for said user, said root proof being used for said user to generate a plurality of pseudonym certificates. - View Dependent Claims (58)
-
Specification