HIERARCHICAL IDENTITY-BASED ENCRYPTION AND SIGNATURE SCHEMES
First Claim
1. A computer-implemented method of generating a digital signature on a message M for a signer Et which is an entity t levels below an entity E0 in a hierarchical system including at least the entities E0, E1, . . . , Et, t≧
- 2, wherein each entity Ei (i=1, . . . ,t) is a child of entity Ei−
1 in the hierarchical system, the method comprising;
(1) obtaining the signer'"'"'s secret key St which is a member of a group G1;
(2) obtaining the signer'"'"'s integer secret st;
(3) generating a signature component Sig on the message M as a value
Sig=St+stPM wherein;
“
+”
is a group operation in the group G1; and
PM is a value depending on the message M and is a member of the group G1.
0 Assignments
0 Petitions
Accused Products
Abstract
A signature {Sig, {Qi}} is generated on a message M by a signer Et in a hierarchical system including the entities E0, E1, . . . , Et, each entity Ei (i>0) being a child of Ei−1. Here
where: each Si is a secret key of Ei; each si is a secret of Si; PM is a public function of M; each Pi is a public function of the ID'"'"'s of all entities Ej such that 1≦j≦i; each Qi=siP0 where P0 is public. The verifier confirms that
where: the product Πiê(Qi−1,Pi) is taken over all integers i in a proper subset of the integers from 1 to t inclusive; ê is a bilinear non-degenerate mapping; V can be ê(Q0,Pi
-
Citations
25 Claims
-
1. A computer-implemented method of generating a digital signature on a message M for a signer Et which is an entity t levels below an entity E0 in a hierarchical system including at least the entities E0, E1, . . . , Et, t≧
- 2, wherein each entity Ei (i=1, . . . ,t) is a child of entity Ei−
1 in the hierarchical system, the method comprising;
(1) obtaining the signer'"'"'s secret key St which is a member of a group G1;
(2) obtaining the signer'"'"'s integer secret st;
(3) generating a signature component Sig on the message M as a value
Sig=St+stPMwherein;
“
+”
is a group operation in the group G1; and
PM is a value depending on the message M and is a member of the group G1. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- 2, wherein each entity Ei (i=1, . . . ,t) is a child of entity Ei−
-
10. A computer-implemented method of verifying a digital signature on a message M to verify that the digital signature is a valid signature by a signer Et which is an entity t levels below an entity E0 in a hierarchical system including at least the entities E0, E1, . . . , Et, t≧
- 2, wherein each entity Ei (i=1, . . . ,t) is a child of entity Ei−
1 in the hierarchical system, the method comprising;
(1) obtaining a signature component Sig which is an element of a predefined group G1;
(2) obtaining one or more values Qi associated with respective one or more entities Ei, the one or more values Qi including a value Qt;
(3) confirming that wherein;
P0 is a predefined element of a group G1;
the product Π
iê
(Qi−
1,Pi) is taken over all integers i in a proper subset of the integers from 1 to t inclusive;
each Qi−
1=si−
1P0, where si−
1 is an integer secret of the entity Ei−
1;
Qt=stP0, where si is an integer secret of the entity Et;
ê
is a bilinear non-degenerate mapping of G1×
G1 into a predefined group G2;
PM is a value depending on the message M and is a member of the group G1;
each Pi depends on an identity of the entity Ei;
V is an element of the group G2. - View Dependent Claims (11, 12, 13, 14)
- 2, wherein each entity Ei (i=1, . . . ,t) is a child of entity Ei−
-
15. An apparatus operable to generate a digital signature on a message M for a signer Et which is an entity t levels below an entity E0 in a hierarchical system including at least the entities E0, E1, . . . , Et, t≧
- 2, wherein each entity Ei (i=1, . . . ,t) is a child of entity Ei−
1 in the hierarchical system, the apparatus comprising circuitry for;
(1) obtaining the signer'"'"'s secret key St which is a member of a group G1;
(2) obtaining the signer'"'"'s integer secret st;
(3) generating a signature component Sig on the message M as a value
Sig=St+stPMwherein;
“
+”
is a group operation in the group G1; and
PM is a value depending on the message M and is a member of the group G1. - View Dependent Claims (16, 17, 18, 19, 20)
- 2, wherein each entity Ei (i=1, . . . ,t) is a child of entity Ei−
-
21. An apparatus operable to verify a digital signature on a message M to confirm that the digital signature is a valid signature by a signer Et which is an entity t levels below an entity E0 in a hierarchical system including at least the entities E0, E1, . . . , Et, t≧
- 2, wherein each entity Ei (i=1, . . . ,t) is a child of entity Ei−
1 in the hierarchical system, the apparatus comprising circuitry for;
(1) obtaining a signature component Sig which is an element of a predefined group G1;
(2) obtaining one or more values Qi associated with respective one or more entities Ei, the one or more values Qi including a value Qt;
(3) confirming that wherein;
P0 is a predefined public element of a group G1;
ê
is a bilinear non-degenerate mapping of G1×
G1 into a predefined group G2;
PM is a value depending on the message M and is a member of the group G1;
each Pi depends on an identity of the entity Ei;
V is an element of the group G2. - View Dependent Claims (22, 23, 24, 25)
- 2, wherein each entity Ei (i=1, . . . ,t) is a child of entity Ei−
Specification