A METHOD FOR THE APPLICATION OF IMPLICIT SIGNATURE SCHEMES
First Claim
1. A method for certifying a correspondent through the use of a certifying authority having control of a public key'"'"'s validity, said method comprising the steps of:
- a) said certifying authority generating a first random number having a value;
b) said certifying authority generating implicit signature components including a first component generated using said first random number, and a second component generated using said first component and a private key of said certifying authority;
c) publishing a public key of said certifying authority; and
d) forwarding said implicit signature components from said certifying authority to said correspondent to enable said first correspondent to generate a new private key using said first component and a new public key using said second component and said public key of said certifying authority;
wherein said certifying authority recertifies said correspondent'"'"'s certificate by changing said value of said first random number.
3 Assignments
0 Petitions
Accused Products
Abstract
A method of verifying a transaction over a data communication system between a first and second correspondent through the use of a certifying authority. The certifying authority has control of a certificate'"'"'s validity, which is used by at least the first correspondent. The method comprises the following steps. One of the first and second correspondents advising the certifying authority that the certificate is to be validated. The certifying authority verifies the validity of the certificate attributed to the first correspondent. The certifying authority generates implicit signature components including specific authorization information. At least one of the implicit signature components is forwarded to the first correspondent for permitting the first correspondent to generate an ephemeral private key. At least one of the implicit signature components is forwarded to the second correspondent for permitting recovery of an ephemeral public key corresponding to the ephemeral private key. The first correspondent signs a message with the ephemeral private key and forwards the message to the second correspondent. The second correspondent attempts to verify the signature using the ephemeral public key and proceeds with the transaction upon verification.
45 Citations
13 Claims
-
1. A method for certifying a correspondent through the use of a certifying authority having control of a public key'"'"'s validity, said method comprising the steps of:
-
a) said certifying authority generating a first random number having a value; b) said certifying authority generating implicit signature components including a first component generated using said first random number, and a second component generated using said first component and a private key of said certifying authority; c) publishing a public key of said certifying authority; and d) forwarding said implicit signature components from said certifying authority to said correspondent to enable said first correspondent to generate a new private key using said first component and a new public key using said second component and said public key of said certifying authority; wherein said certifying authority recertifies said correspondent'"'"'s certificate by changing said value of said first random number. - View Dependent Claims (2, 3, 4, 5, 6, 7)
wherein said first component is γ
A=aP+cAP, and where aP is a long term public key of said correspondent and γ
A has previously been determined by said certifying authority and forwarded to said correspondent.
-
-
6. A method as defined in claim 5, wherein kiP and i are also published.
-
7. A method as defined in claim 6, wherein said correspondent is recertified by forwarding new implicit signature components with said first random number having said changed value from said certifying authority to said correspondent.
-
8. A certifying authority for certifying a correspondent, said certifying authority having control of a public key'"'"'s validity and including a cryptographic unit for:
-
a) generating a first random number having a value; b) generating implicit signature components including a first component generated using said first random number, and a second component generated using said first component and a private key of said certifying authority; c) publishing a public key of said certifying authority; d) forwarding said implicit signature components to said correspondent to enable said first correspondent to generate a new private key using said first component and a new public key using said second component and said public key of said certifying authority; and e) recertifying said correspondent'"'"'s certificate by changing said value of said first random number. - View Dependent Claims (10, 11, 12, 13)
-
-
9. A certifying authority as defined in claim 9, wherein cA is said first random number generated by said certifying authority and:
-
a) said first component is γ
A, where γ
A=aP+cAP, and where aP is a long term public key of said correspondent and P is a point on a curve; andb) said second component is sA, where sA=h(γ
A∥
Ai∥
cP)c+cA(mod n), and where c is a long term private key of said certifying authority, n is a large prime number, Ai is an identifier of said correspondent and includes at least one distinguishing feature of said correspondent, and h indicates a secure hash function.
-
Specification