METHOD AND SYSTEM FOR GENERATING IMPLICIT CERTIFICATES AND APPLICATIONS TO IDENTITY-BASED ENCRYPTION (IBE)

US 20090046852A1
Filed: 07/10/2008
Published: 02/19/2009
Est. Priority Date: 07/17/2007
Status: Active Grant

First Claim

Patent Images

1. In a communication system, a method of transmitting messages encrypted with identity-based public keys derived from information provided by a certification authority, said certification authority having a pair of public and private keys, said method comprising:

providing a recipient'"'"'s registration request to the certification authority, said registration request correlating to a first secret value selected by the recipient;

upon receiving a request from the sender, said request from the sender including an identity information of the recipient selected by the sender, the certification authority generating a public key reconstruction data from said registration request, said identity information selected by the sender, a second secret value selected by the certification authority and a certificate information selected by the certification authority;

transmitting an implicit certificate to the sender, said implicit certificate including said public key reconstruction data and said certificate information;

reconstructing a public key of the recipient from said implicit certificate, said certificate information and the certification authority'"'"'s public key;

transmitting to the recipient a message encrypted with said public key of the recipient together with an indication that said public key is reconstructed from said implicit certificate, said indication including said sender selected identity information.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a method of generating an implicit certificate and a method of generating a private key from a public key. The method involves a method generating an implicit certificate in three phases. The public key may be an entity'"'"'s identity or derived from an entity'"'"'s identify. Only the owner of the public key possesses complete information to generate the corresponding private key. No authority is required to nor able to generate an entity'"'"'s private key.

84 Citations

View as Search Results

12 Claims

1. In a communication system, a method of transmitting messages encrypted with identity-based public keys derived from information provided by a certification authority, said certification authority having a pair of public and private keys, said method comprising:
- providing a recipient'"'"'s registration request to the certification authority, said registration request correlating to a first secret value selected by the recipient;
  
  upon receiving a request from the sender, said request from the sender including an identity information of the recipient selected by the sender, the certification authority generating a public key reconstruction data from said registration request, said identity information selected by the sender, a second secret value selected by the certification authority and a certificate information selected by the certification authority;
  
  transmitting an implicit certificate to the sender, said implicit certificate including said public key reconstruction data and said certificate information;
  
  reconstructing a public key of the recipient from said implicit certificate, said certificate information and the certification authority'"'"'s public key;
  
  transmitting to the recipient a message encrypted with said public key of the recipient together with an indication that said public key is reconstructed from said implicit certificate, said indication including said sender selected identity information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further including the step ofproviding another identity information of the recipient to the certification authority, said another identity information being selected by the recipient,wherein said public key reconstruction data incorporates said another identity information.
  - 3. The method of claim 1, whereinsaid certificate information includes a third identity information of the recipient selected by the certification authority.
  - 4. The method of claim 1, further comprising:
    - the recipient transmitting a private key request to the certification authority, said private key request including all identity information of the recipient used during generating said implicit certificate,the certification authority providing a private key reconstruction data and said public key reconstruction data to the recipient, said private key reconstruction data being generated by combining mathematically the certification authority'"'"'s private key, said all identity information, said public key reconstruction data, and said second secret value,wherein a private key of the recipient is generated from said implicit certificate, said certification information, said private key reconstruction data and said first secret value.
  - 5. The method of claim 1, further comprising:
    - establishing a correspondence between said second secret value and the request from the sender.
  - 6. The method of claim 5, wherein said correspondence is established using a secret deterministic function incorporating all identity information used during generating said implicit certificate.
  - 7. The method of claim 1, wherein an elliptic curve encryption scheme is used, and the public key reconstruction data is determined mathematically from the formula R+kG, wherein R is the registration request, k is the second secret value selected by the certification authority and G is a generator of an elliptic curve group E selected for the elliptic curve encryption scheme.
  - 8. The method of claim 7, wherein the private key reconstruction data is determined mathematically from the formula kh+c mod n, wherein h is a hash value derived from the implicit certificate, c is the certification authority'"'"'s private key and n is the order of the elliptic curve group E.
  - 9. The method of claim 8, wherein the recipient'"'"'s public key is determined mathematically from the formula hP+C and the recipient'"'"'s private key is determined mathematically from the formula rh+s mod n, wherein P is the public key reconstruction data, C is the certification formula rh+s mod n, wherein P is the public key reconstruction data, C is the certification authority'"'"'s public key, r is the first secret value selected by the recipient and s is the private key reconstruction data,

10. A method of providing a recipient'"'"'s public key to a sender and a private key corresponding to said public key to the recipient, said method comprising the steps of:
- said recipient selecting a secret contribution to said public key and generating a registration request information from said secret contribution,providing said registration request information and a first identify information associated with the recipient to a certification authority;
  
  transmitting to the certification authority a request for an implicit certificate of the public key, said implicit certificate request including said first identity information and a second identity information of the recipient selected by the sender;
  
  the certificate authority generating a public key reconstruction data from the registration request information, the first and second identity information, a certificate information selected by the certification authority and a private contribution selected by the certification authority;
  
  transmitting said implicit certificate to the sender, the implicit certificate including said public key reconstruction data and said certificate information;
  
  computing the public key from the implicit certificate and the certification authority'"'"'s public key;
  
  upon receiving a private key request from the recipient, providing a privatization information and the implicit certificate to the recipient; and
  
  the recipient computing the private key from the implicit certificate and the privatization information.
- View Dependent Claims (11)
- - 11. The method of claim 10, wherein the privatization information is generated by combining mathematically the implicit certificate, the private contribution selected by the certification authority and the certification authority'"'"'s private key.

12. In a communication system, a method of providing a recipient'"'"'s public key to a sender, said public key being based on identity information of the recipient, said method comprising:
- providing the recipient'"'"'s registration request to a certification authority, said registration request including the recipient'"'"'s first identity information and registration information correlating to a first secret value selected by the recipient;
  
  providing said first identity information to the sender;
  
  transmitting to the certification authority a request for an implicit certificate, said request including said first identity information and a second identity information of the recipient selected by the sender;
  
  generating a public key reconstruction data from said registration request, said first and second identity information, a third identity information of the recipient selected by the certification authority and a second secret value selected by the certification authority;
  
  transmitting an implicit certificate to the sender, said implicit certificate including said public key reconstruction data and said third identity information; and
  
  reconstructing a public key of the recipient from said public key reconstruction data, said first, second and third identity information and the certification authority'"'"'s public key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Certicom Corporation (Blackberry Limited)
Inventors
Vanstone, Scott A.

Granted Patent

US 8,457,307 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/30
CPC Class Codes

H04L 9/3073 involving pairings, e.g. id...

H04L 9/3263 involving certificates, e.g...

METHOD AND SYSTEM FOR GENERATING IMPLICIT CERTIFICATES AND APPLICATIONS TO IDENTITY-BASED ENCRYPTION (IBE)

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

84 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR GENERATING IMPLICIT CERTIFICATES AND APPLICATIONS TO IDENTITY-BASED ENCRYPTION (IBE)

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links