AGGREGATE SIGNATURE SCHEMES
First Claim
1. A method for generating an aggregate digital signature comprising generating a first signature component by encrypting a first portion of data using a first encryption key;
- generating a first intermediate signature component from said first signature component and a second portion of data;
generating a second signature component from said first intermediate signature component and a first private key;
generating a third signature component by encrypting one of said first and second signature components using a second encryption key;
generating a second intermediate signature component from said third signature component and said second portion of data;
generating a fourth signature component from said second intermediate signature component and a second private key; and
outputting the other of said first and second signature components and said third and fourth signature components as said digital signature.
7 Assignments
0 Petitions
Accused Products
Abstract
An authenticated RFID system is provided that uses elliptic curve cryptography (ECC) to reduce the signature size and read/write times when compared to traditional public key implementations such as RSA. Either ECDSA or ECPVS can be used to reduce the signature size and ECPVS can be used to hide a portion of the RFID tag that contains sensitive product identifying information. As a result, smaller tags can be used or multiple signatures can be written at different stages in a manufacturing or supply chain. A key management system is used to distribute the verification keys and aggregate signature schemes are also provided for adding multiple signatures to the RFID tags, for example in a supply chain.
121 Citations
25 Claims
-
1. A method for generating an aggregate digital signature comprising generating a first signature component by encrypting a first portion of data using a first encryption key;
- generating a first intermediate signature component from said first signature component and a second portion of data;
generating a second signature component from said first intermediate signature component and a first private key;
generating a third signature component by encrypting one of said first and second signature components using a second encryption key;
generating a second intermediate signature component from said third signature component and said second portion of data;
generating a fourth signature component from said second intermediate signature component and a second private key; and
outputting the other of said first and second signature components and said third and fourth signature components as said digital signature. - View Dependent Claims (2, 3, 4, 5, 6)
- generating a first intermediate signature component from said first signature component and a second portion of data;
-
7. A method for verifying an aggregate digital signature comprising:
-
obtaining said digital signature, said digital signature having a first signature component encrypting at least one other signature component using respective encryption keys, a first of which encrypts a first portion of data, and having at least one secondary signature component, each being generated from either said first signature component or a respective one of said at least one other signature component and a respective private key;
generating a first decryption key using said first signature component and a second portion of data and decrypting said first signature component to obtain a recovered signature component;
using said recovered signature component to recover additional signature components corresponding to said at least one other signature component by generating one or more subsequent decryption keys;
recovering from said first of said at least one other signature components, a representation of said first portion of data; and
examining said representation of said first portion of data for a predetermined characteristic to verify said digital signature. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A method for generating an aggregate digital signature at a plurality of signing stages comprising generating an initial pair of signature components;
- encrypting one of said initial pair of components in a next set of signature components, said next set of signature components including the other of said initial pair of components and two new signature components; and
for subsequent signing stages, encrypting a previous signature component that in turn encrypts another previous signature component and generating an additional new signature component;
wherein the number of signature components in said digital signature at each stage is one more than the total number of signing stages.
- encrypting one of said initial pair of components in a next set of signature components, said next set of signature components including the other of said initial pair of components and two new signature components; and
-
13. A method for generating an aggregate digital signature comprising generating a first signature component using a first value derived from first individual values contributed by each of a plurality of signers;
- generating a second signature component using a second value derived from second individual values contributed by each said plurality of signers; and
outputting said digital signature having said first and second signature components. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- generating a second signature component using a second value derived from second individual values contributed by each said plurality of signers; and
-
21. A method for verifying an aggregate digital signature comprising obtaining said digital signature having a first signature component generated using a first value derived from first individual values contributed by each of a plurality of signers and a second signature component generated using a second value derived from second individual values contributed by each said plurality of signers;
- combining individual public values of respective ones of said plurality of signers to generate a combined public key; and
using said combined public key in at least one step in a signature verification process. - View Dependent Claims (22, 23, 24, 25)
- combining individual public values of respective ones of said plurality of signers to generate a combined public key; and
Specification