METHOD AND SYSTEM FOR GENERATING IMPLICIT CERTIFICATES AND APPLICATIONS TO IDENTITY-BASED ENCRYPTION (IBE)
Abstract
The invention relates to a method of generating an implicit certificate and a method of generating a private key from a public key. The method generates an implicit certificate in three phases. The public key may be an entity's identity or derived from an entity's identity. Only the owner of the public key possesses complete information to generate the corresponding private key. No authority is required, or able, to generate an entity's private key.
12 Claims
1. In a communication system, a method of transmitting messages encrypted with identity-based public keys derived from information provided by a certification authority, said certification authority having a pair of public and private keys, said method comprising:
providing a recipient's registration request to the certification authority, said registration request correlating to a first secret value selected by the recipient;
upon receiving a request from the sender, said request from the sender including an identity information of the recipient selected by the sender, the certification authority generating a public key reconstruction data from said registration request, said identity information selected by the sender, a second secret value selected by the certification authority and a certificate information selected by the certification authority;
transmitting an implicit certificate to the sender, said implicit certificate including said public key reconstruction data and said certificate information;
reconstructing a public key of the recipient from said implicit certificate, said certificate information and the certification authority's public key;
transmitting to the recipient a message encrypted with said public key of the recipient together with an indication that said public key is reconstructed from said implicit certificate, said indication including said sender selected identity information.
10. A method of providing a recipient's public key to a sender and a private key corresponding to said public key to the recipient, said method comprising the steps of:
said recipient selecting a secret contribution to said public key and generating a registration request information from said secret contribution, providing said registration request information and a first identity information associated with the recipient to a certification authority;
transmitting to the certification authority a request for an implicit certificate of the public key, said implicit certificate request including said first identity information and a second identity information of the recipient selected by the sender;
the certificate authority generating a public key reconstruction data from the registration request information, the first and second identity information, a certificate information selected by the certification authority and a private contribution selected by the certification authority;
transmitting said implicit certificate to the sender, the implicit certificate including said public key reconstruction data and said certificate information;
computing the public key from the implicit certificate and the certification authority's public key;
upon receiving a private key request from the recipient, providing a privatization information and the implicit certificate to the recipient; and
the recipient computing the private key from the implicit certificate and the privatization information.
12. In a communication system, a method of providing a recipient's public key to a sender, said public key being based on identity information of the recipient, said method comprising:
providing the recipient's registration request to a certification authority, said registration request including the recipient's first identity information and registration information correlating to a first secret value selected by the recipient;
providing said first identity information to the sender;
transmitting to the certification authority a request for an implicit certificate, said request including said first identity information and a second identity information of the recipient selected by the sender;
generating a public key reconstruction data from said registration request, said first and second identity information, a third identity information of the recipient selected by the certification authority and a second secret value selected by the certification authority;
transmitting an implicit certificate to the sender, said implicit certificate including said public key reconstruction data and said third identity information; and
reconstructing a public key of the recipient from said public key reconstruction data, said first, second and third identity information and the certification authority's public key.
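The issuance flow recited in claims 1 and 10, as an added example that is not taken from the patent. This page does not reproduce the specification's formulas, so the arithmetic is the standard ECQV-style implicit-certificate construction written over a toy multiplicative group. The group parameters, function names, hash encoding and sample secrets are all assumptions.

```python
import hashlib

# Toy Schnorr group (assumption, far too small for real use):
# p = 2q + 1 with q prime; g = 4 generates the order-q subgroup.
P_MOD, Q_ORD, G = 2039, 1019, 4

def cert_hash(recon, identity, cert_info):
    """Hash the implicit certificate contents to a nonzero exponent in [1, q-1]."""
    parts = (str(recon).encode(), identity.encode(), cert_info.encode())
    data = b"".join(len(x).to_bytes(4, "big") + x for x in parts)  # unambiguous framing
    return 1 + int.from_bytes(hashlib.sha256(data).digest(), "big") % (Q_ORD - 1)

def registration_request(k_u):
    """Recipient: commit to the first secret value k_u without revealing it."""
    return pow(G, k_u, P_MOD)

def ca_issue(ca_priv, k_ca, request, identity, cert_info):
    """CA: build public key reconstruction data and the privatization value r."""
    recon = request * pow(G, k_ca, P_MOD) % P_MOD
    e = cert_hash(recon, identity, cert_info)
    r = (e * k_ca + ca_priv) % Q_ORD
    return (recon, cert_info), r

def reconstruct_public(implicit_cert, identity, ca_pub):
    """Sender: derive the recipient's public key from public values only."""
    recon, cert_info = implicit_cert
    e = cert_hash(recon, identity, cert_info)
    return pow(recon, e, P_MOD) * ca_pub % P_MOD

def derive_private(implicit_cert, identity, r, k_u):
    """Recipient: combine the retained secret k_u with the CA's value r."""
    recon, cert_info = implicit_cert
    e = cert_hash(recon, identity, cert_info)
    return (e * k_u + r) % Q_ORD

def demo():
    ca_priv, k_u, k_ca = 777, 123, 456        # constructed sample secrets
    ca_pub = pow(G, ca_priv, P_MOD)
    identity = "bob@example.com/2024-Q3"      # constructed sender-selected identity
    cert, r = ca_issue(ca_priv, k_ca, registration_request(k_u), identity, "serial=1")
    pub = reconstruct_public(cert, identity, ca_pub)
    priv = derive_private(cert, identity, r, k_u)
    return pub, priv, r

if __name__ == "__main__":
    pub, priv, r = demo()
    print("recipient key pair is consistent:", pow(G, priv, P_MOD) == pub)
    print("CA's value alone is not the private key:", pow(G, r, P_MOD) != pub)
```

The second check is the property the abstract states: the CA knows `r` but not `k_u`, so it cannot form the private key, and a sender who reconstructs the key under a different identity string obtains a key the recipient's private value does not match.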
Specification