Multi-Dimensional Credentialing Using Veiled Certificates
First Claim
1. A method for creating a veiled certificate, the method comprising:
- requesting a certificate from a regulator by sending with a digital signature of the message signed by the owner, the message comprising an owner's veiled certificate token, the veiled certificate token comprising an encrypted version of the owner's identification data and the owner's public key for the certificate, the message further comprising an identification public key, the message being encrypted using the regulator's external public key;
- validating the certificate request by verifying the sender's identity through validation of the digital signature using the owner's external public key and verifying the veiled certificate token has been created properly using the identification public key; and
- creating a veiled certificate by combining the veiled certificate token, identification public key, and digitally signing the veiled certificate with regulator's private key, wherein the owner's identification information is inaccessible from the veiled certificate, except to the certificate owner.
Abstract
In accordance with certain embodiments of the present disclosure, a method for creating a veiled certificate is provided. The method comprises requesting a certificate from a regulator by sending a message with a digital signature of the message signed by the owner. The message comprises an owner's veiled certificate token, the veiled certificate token comprising an encrypted version of the owner's identification data and the owner's identification public key for the certificate. The message further comprises the identification public key, the whole message being encrypted using the regulator's external public key. The certificate request is validated by verifying the sender's identity through validation of the digital signature using the owner's external public key and verifying the veiled certificate token using the individual's external public key. A veiled certificate is created by combining the veiled certificate token, identification public key and digitally signing the veiled certificate with the regulator's private key, wherein the owner's identification information is inaccessible from the veiled certificate, except to the certificate owner.
20 Claims
1. A method for creating a veiled certificate, the method comprising:
- requesting a certificate from a regulator by sending with a digital signature of the message signed by the owner, the message comprising an owner's veiled certificate token, the veiled certificate token comprising an encrypted version of the owner's identification data and the owner's public key for the certificate, the message further comprising an identification public key, the message being encrypted using the regulator's external public key;
- validating the certificate request by verifying the sender's identity through validation of the digital signature using the owner's external public key and verifying the veiled certificate token has been created properly using the identification public key; and
- creating a veiled certificate by combining the veiled certificate token, identification public key, and digitally signing the veiled certificate with regulator's private key, wherein the owner's identification information is inaccessible from the veiled certificate, except to the certificate owner.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A veiled certificate request processing system comprising:
- a regulator system that outputs a veiled certificate to an object, the regulator system being in communication with the object to receive a certificate request from the object comprising an input message with a digital signature of the message signed by the owner, the message comprising an owner's veiled certificate token, the veiled certificate token comprising an encrypted version of the owner's identification data and the owner's identification public key for the certificate, the message further comprising an identification public key, the message being encrypted using the device's public key, the regulator system validating the certificate request by verifying the sender's identity through validation of the digital signature using the owner's external public key and verifying the veiled certificate token construction using the individual's external public key, wherein the regulator system outputs the veiled certificate after combining the veiled certificate token, identification public key, and digitally signing the veiled certificate with the regulator's external private key, wherein the owner's identification information is inaccessible from the veiled certificate, except to the owner.
Dependent claims: 12, 13, 14, 15, 16
17. A method for creating a veiled certificate, the method comprising:
- requesting a certificate from a regulator by sending a message with a digital signature of the message signed by the owner, the message comprising an owner's veiled certificate token, the veiled certificate token comprising an encrypted version of the owner's identification data and the owner's identification public key for the certificate, the message further comprising an identification public key and a timestamp that specifies the requested lifetime of the veiled certificate;
- validating the certificate request by verifying the sender's identity through validation of the digital signature using the owner's external public key and verifying the veiled certificate token using the individual's external public key; and
- creating a veiled certificate by combining the veiled certificate token, identification public key, and digitally signing the veiled certificate with regulator's external private key, wherein the owner's identification information is inaccessible from the veiled certificate, except to the owner.
Dependent claims: 18, 19, 20
Specification