SYSTEM AND METHOD FOR VERIFYING DIGITAL SIGNATURES ON CERTIFICATES

US 20100211795A1
Filed: 04/30/2010
Published: 08/19/2010
Est. Priority Date: 10/29/2004
Status: Active Grant

First Claim

Patent Images

1. A method of verifying a digital signature on a certificate on a computing device, the method comprising:

a processor of the computing device receiving a public key associated with an issuer of the certificate, and a request to verify the digital signature of the certificate using the received public key;

the processor comparing the received public key with a stored public key residing in a memory store, wherein storage of the stored public key in the memory store indicates that the stored public key was used in a prior successful verification of the digital signature; and

the processor indicating successful verification of the digital signature, in lieu of verifying the digital signature in response to the request, if the received public key matches the stored public key.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for verifying a digital signature on a certificate, which may be used in the processing of encoded messages. In one embodiment, when a digital signature is successfully verified in a signature verification operation, the public key used to verify that digital signature is cached. When a subsequent attempt to verify the digital signature is made, the public key to be used to verify the digital signature is compared to the cached key. If the keys match, the digital signature can be successfully verified without requiring that a signature verification operation in which some data is decoded using the public key be performed.

Citations

24 Claims

1. A method of verifying a digital signature on a certificate on a computing device, the method comprising:
- a processor of the computing device receiving a public key associated with an issuer of the certificate, and a request to verify the digital signature of the certificate using the received public key;
  
  the processor comparing the received public key with a stored public key residing in a memory store, wherein storage of the stored public key in the memory store indicates that the stored public key was used in a prior successful verification of the digital signature; and
  
  the processor indicating successful verification of the digital signature, in lieu of verifying the digital signature in response to the request, if the received public key matches the stored public key.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the computing device comprises a mobile device.
  - 3. The method of claim 1, further comprising the processor identifying the stored public key as stale if the stored public key has been stored in the memory store for longer than a pre-determined duration, wherein the comparing and indicating is performed if the stored public key is not identified as stale.
  - 4. The method of claim 3, further comprising deleting the stored public key from the memory store if the stored public key is identified as stale.
  - 5. The method of claim 1, further comprising the processor marking the stored public key as stale in response to a user request, wherein the comparing and indicating is performed if the stored public key is not marked as stale.
  - 6. The method of claim 5, further comprising deleting the stored public key from the memory store if the stored public key is marked as stale.

7. A method of verifying a digital signature on a certificate on a computing device, the method comprising:
- a processor of the computing device receiving a public key associated with an issuer of the certificate, and a request to verify the digital signature of the certificate using the received public key;
  
  the processor comparing the received public key with a stored public key residing in a memory store, wherein the stored public key is stored with a prior verification result in the memory store; and
  
  the processor indicating successful or unsuccessful verification of the digital signature depending on the prior verification result, in lieu of verifying the digital signature in response to the request, if the received public key matches the stored public key.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein the computing device comprises a mobile device.
  - 9. The method of claim 7, further comprising the processor identifying the stored public key as stale if the stored public key has been stored in the memory store for longer than a pre-determined duration, wherein the comparing and indicating is performed if the stored public key is not identified as stale.
  - 10. The method of claim 9, further comprising deleting the stored public key from the memory store if the stored public key is identified as stale.
  - 11. The method of claim 7, further comprising the processor marking the stored public key as stale in response to a user request, wherein the comparing and indicating is performed if the stored public key is not marked as stale.
  - 12. The method of claim 11, further comprising deleting the stored public key from the memory store if the stored public key is marked as stale.

13. A device comprising a processor and memory, the processor configured to verify a digital signature on a certificate, wherein the processor is configured to:
- receive a public key associated with an issuer of the certificate, and a request to verify the digital signature of the certificate using the received public key;
  
  compare the received public key with a stored public key residing in a memory store, wherein storage of the stored public key in the memory store indicates that the stored public key was used in a prior successful verification of the digital signature; and
  
  indicate successful verification of the digital signature, in lieu of verifying the digital signature in response to the request, if the received public key matches the stored public key.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The device of claim 13, wherein the device comprises a mobile device.
  - 15. The device of claim 13, wherein the processor is further configured to identify the stored public key as stale if the stored public key has been stored in the memory store for longer than a pre-determined duration, and to compare the received public key with a stored public key residing in a memory store and indicate successful verification of the digital signature if the stored public key is not identified as stale.
  - 16. The device of claim 15, wherein the process is further configured to delete the stored public key from the memory store if the stored public key is identified as stale.
  - 17. The device of claim 13, wherein the processor is further configured to mark the stored public key as stale in response to a user request, and to compare the received public key with a stored public key residing in a memory store and indicate successful verification of the digital signature if the stored public key is not marked as stale.
  - 18. The device of claim 17, wherein the processor is further configured to delete the stored public key from the memory store if the stored public key is marked as stale.

19. A device comprising a processor and memory, the processor configured to verify a digital signature on a certificate, wherein the processor is configured to:
- receive a public key associated with an issuer of the certificate, and a request to verify the digital signature of the certificate using the received public key;
  
  compare the received public key with a stored public key residing in a memory store, wherein the stored public key is stored with a prior verification result in the memory store; and
  
  indicate successful or unsuccessful verification of the digital signature depending on the prior verification result, in lieu of verifying the digital signature in response to the request, if the received public key matches the stored public key.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The device of claim 19, wherein the device comprises a mobile device.
  - 21. The device of claim 19, wherein the processor is further configured to identify the stored public key as stale if the stored public key has been stored in the memory store for longer than a pre-determined duration, and to compare the received public key with a stored public key residing in a memory store and indicate successful or unsuccessful verification of the digital signature depending on the prior verification result if the stored public key is not identified as stale.
  - 22. The device of claim 21, wherein the processor is further configured to delete the stored public key from the memory store if the stored public key is identified as stale.
  - 23. The device of claim 19, wherein the processor is further configured to mark the stored public key as stale in response to a user request, and to compare the received public key with a stored public key residing in a memory store and indicate successful or unsuccessful verification of the digital signature depending on the prior verification result if the stored public key is not marked as stale.
  - 24. The device of claim 23, wherein the processor is further configured to delete the stored public key from the memory store if the stored public key is marked as stale.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Research In Motion Limited (Blackberry Limited)
Inventors
Brown, Michael S., Brown, Michael K.

Granted Patent

US 8,725,643 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06Q 20/0855   involving a third party

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/3821   Electronic credentials

H04L 2209/80   Wireless

H04L 63/0823   using certificates cryptogr...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04L 9/50   using hash chains, e.g. blo...

SYSTEM AND METHOD FOR VERIFYING DIGITAL SIGNATURES ON CERTIFICATES

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR VERIFYING DIGITAL SIGNATURES ON CERTIFICATES

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links