Maintaining Privacy for Transactions Performable by a User Device Having a Security Module

US 20070244833A1
Filed: 08/20/2004
Published: 10/18/2007
Est. Priority Date: 10/17/2003
Status: Active Grant

First Claim

Patent Images

1. A method for maintaining privacy for transactions comprising employing a user device having a security module with a privacy certification authority computers and a verification computer, the verification computer having obtained public keys from the privacy certification authority computer and from an issuer that provides attestation of the security module, the method further comprising the steps of:

receiving a first and second set of attestation-signature values, the first set of attestation-signature values being generated by the user device using first attestation values obtained from the issuer and the second set of attestation-signature values being generated by the user device using second attestation values obtained from the privacy certification authority computer;

checking the validity of the first set of attestation-signature values with the public key of the issuer;

checking the validity of the second set of attestation-signature values with the public key of the privacy certification authority computer ;

and verifying whether or not the first and second sets of attestation-signature values relate to the user device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention discloses a method and system for maintaining privacy for transactions performable by a user device having a security module with a privacy certification authority and a verifier. The system comprises an issuer providing an issuer public key PKI; a user device having a security module for generating a first set of attestation-signature values DAA1; a privacy certification authority computer for providing an authority public key PKPCA and issuing second attestation values AV2; and a verification computer for checking the validity of the first set of attestation signature values DAA1 with the issuer public key PKI and the validity of a second set of attestation-signature values DAA2 with the authority public key PKPCA, the second set of attestation-signature values DAA2 being derivable by the user device 20 from the second attestation values AV2, wherein it is verifiable that the two sets of attestation-signature values DAA1, DAA2 relate to the user device.

35 Citations

View as Search Results

20 Claims

1. A method for maintaining privacy for transactions comprising employing a user device having a security module with a privacy certification authority computers and a verification computer, the verification computer having obtained public keys from the privacy certification authority computer and from an issuer that provides attestation of the security module, the method further comprising the steps of:
- receiving a first and second set of attestation-signature values, the first set of attestation-signature values being generated by the user device using first attestation values obtained from the issuer and the second set of attestation-signature values being generated by the user device using second attestation values obtained from the privacy certification authority computer;
  
  checking the validity of the first set of attestation-signature values with the public key of the issuer;
  
  checking the validity of the second set of attestation-signature values with the public key of the privacy certification authority computer ;
  
  and verifying whether or not the first and second sets of attestation-signature values relate to the user device.
- View Dependent Claims (2, 3, 4, 5, 10, 11, 18, 19, 20)
- - 2. The method according to claim 1, wherein the step of verifying comprises the step of:
    - verifying that a first value is derived from a base value, comprised in the first set of attestation-signature values, and identical to a second value that is derived from said base value and is comprised in the second set of attestation-signature values 1.
  - 3. The method according to claim 1, wherein the step of verifying comprises the step of:
    - verifying a proof that the first and second attestation-signature values are based on the first and second attestation values that are derived from at least one common value 2.
  - 4. The method according to claim 2, wherein the base value is different each time the method is applied.
  - 5. The method according to claim 3, wherein the common value is derived from an endorsement key that is related to the security module.
  - 10. A computer program element comprising program code means for performing the method of claim 1 when said program is run on a computer.
  - 11. A computer program product stored on a computer usable medium, comprising computer readable program means for causing a computer to perform the method according to claim 1.
  - 18. The method according to claim 1, wherein the step of verifying comprises verifying that a first value is derived from a base value, comprised in the first set of attestation-signature values, and identical to a second value that is derived from said base value and is comprised in the second set of attestation-signature values;
    - wherein the step of verifying comprises verifying a proof that the first and second attestation-signature values are based on the first and second attestation values that are derived from at least one common value;
      
      wherein the base value is different each time the method is applied; and
      
      wherein the common value is derived from an endorsement key that is related to the security module.
  - 19. An article of manufacture comprising a computer usable medium having computer readable program code means embodied therein for causing maintenance of privacy for transactions, the computer readable program code means in said article of manufacture comprising computer readable program code means for causing a computer to effect the steps of claim 18.
  - 20. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for maintaining privacy for transactions, said method steps comprising the steps of claim 18.

6. A method for maintaining privacy for transactions comprising employing a user device having a security module with a privacy certification authority computer and a verification computer, the privacy certification authority computer having obtained a public key from an issuer that provides attestation of the security module;
- the method further comprising the steps of;
  
  receiving an initial set of attestation-signature values (DAA1′
  
  ) from the user device, the initial set of attestation-signature values (DAA1′
  
  ) being generated by the user device using first attestation values obtained from the issuers;
  
  checking the validity of the initial set of attestation-signature values with the public key of the issuer;
  
  responsive to the checking step issuing second attestation values that relate to the initial set of attestation-signature values (DAA1′
  
  ); and
  
  providing the second attestation values to the user device, a second set of attestation-signature values being derivable from the second attestation values, wherein it is verifiable that a first set of attestation-signature values and the second set of attestation-signature values relate to the user device, the first set of attestation-signature values is generatable by the user device using first attestation values obtained from the issuers.
- View Dependent Claims (7, 13, 14)
- - 7. The method according to claim 6, wherein the step of issuing the second attestation values further comprises the step of:
    - receiving a request value from the user device and verifying whether the request value relates to the initial set of attestation-signature values.
  - 13. An article of manufacture comprising a computer usable medium having computer readable program code means embodied therein for causing maintenance of privacy for transactions, the computer readable program code means in said article of manufacture comprising computer readable program code means for causing a computer to effect the steps of claim 6.
  - 14. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for maintaining privacy for transactions, said method steps comprising the steps of claim 6.

8. A method comprising maintaining privacy for transactions performable by a user device having a security module with a privacy certification authority computer and an verification computer, the user device having obtained first attestation values from an issuer and second attestation values from the privacy certification authority computer, the method step of maintaining comprising the steps of:
- generating a first set of attestation-signature values by using the first attestation values and a second set of attestation-signature values by using the second attestation values ;
  
  and sending the first and second set of attestation-signature values to the verification computer, wherein the verification computer is able to check the validity of the first set of attestation-signature values with an issuer public key (PK_I) of the issuer, the validity of the second set of attestation-signature values with an authority public key (PK_PCA) of the privacy certification authority computer and to verify that the first and second sets of attestation-signature value relate to the user device.
- View Dependent Claims (9, 15, 16)
- - 9. The method according to claim 8, wherein the step of generating comprises using an endorsement key that is related to the security module.
  - 15. An article of manufacture comprising a computer usable medium having computer readable program code means embodied therein for causing maintenance of privacy for transactions, the computer readable program code means in said article of manufacture comprising computer readable program code means for causing a computer to effect the steps of claim 8.
  - 16. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for maintaining privacy for transactions, said method steps comprising the steps of claim 8.

12. A system for maintaining privacy while computers performing transactions comprising:
- an issuers providing an issuer public key (PK_I);
  
  a user device having a security module for generating a first set of attestation-signature values;
  
  a privacy certification authority computer for providing an authority public key (PK_PCA) and issuing second attestation values; and
  
  a verification computer for checking the validity of the first set of attestation-signature values with the issuer public key (PK_I)and the validity of a second set of attestation-signature values with the authority public key (PK_PCA), the second set of attestation-signature values being derivable by the user device from the second attestation values, wherein it is verifiable that the first and second sets of attestation-signature values relate to the user device.
- View Dependent Claims (17)
- - 17. A computer program product comprising a computer usable medium having computer readable program code means embodied therein for causing maintenance of privacy for transactions, the computer readable program code means in said computer program product comprising computer readable program code means for causing a computer to effect the functions of claim 12.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Camenisch, Jan

Granted Patent

US 7,822,689 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/71
CPC Class Codes

G06F 21/33   using certificates

G06F 21/57   Certifying or maintaining t...

G06F 21/602   Providing cryptographic fac...

G06Q 20/382   insuring higher security of...

G06Q 20/3829   involving key management

H04L 9/321   involving a third party or ...

H04L 9/3234   involving additional secure...

H04L 9/3257   using blind signatures

Maintaining Privacy for Transactions Performable by a User Device Having a Security Module

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

35 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Maintaining Privacy for Transactions Performable by a User Device Having a Security Module

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links