METHOD FOR SIGNING AND VERIFYING DATA USING MULTIPLE HASH ALGORITHMS AND DIGESTS IN PKCS
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and apparatuses are disclosed for signing and verifying data using multiple hash algorithms and digests in PKCS including, for example, retrieving, at the originating computing device, a message for signing at the originating computing device to yield a signature for the message; identifying multiple hashing algorithms to be supported by the signature; for each of the multiple hashing algorithms identified to be supported by the signature, hashing the message to yield multiple hashes of the message corresponding to the multiple hashing algorithms identified; constructing a single digest having therein each of the multiple hashes of the messages corresponding to the multiple hashing algorithms identified and further specifying the multiple hashing algorithms to be supported by the signature; applying a signing algorithm to the single digest using a private key of the originating computing device to yield the signature for the message; and distributing the message and the signature to receiving computing devices. Other related embodiments are disclosed.
-
Citations
46 Claims
-
1-23. -23. (canceled)
-
24. A method in an originating computing device, the method comprising:
-
retrieving, at the originating computing device, a message for signing at the originating computing device to yield a signature for the message; identifying multiple hashing algorithms to be supported by the signature; for each of the multiple hashing algorithms identified to be supported by the signature, hashing the message to yield multiple hashes of the message corresponding to the multiple hashing algorithms identified; constructing a single digest having therein each of the multiple hashes of the messages corresponding to the multiple hashing algorithms identified and further specifying the multiple hashing algorithms to be supported by the signature; applying a signing algorithm to the single digest using a private key of the originating computing device to yield the signature for the message; and distributing the message and the signature to receiving computing devices. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. One or more non-transitory computer readable storage media having instructions stored thereon that, when executed by a receiving computing device, the instructions cause the receiving computing device to perform operations including:
-
receiving a message and a signature for the message at the receiving computing device from an originating computing device, the originating computing device having created the signature for the message; retrieving a public key associated with the originating computing device for use in verifying the signature; inverting the signature via the public key to yield a plurality of hashes of the message by the originating computing device and a specification of supported hashing algorithms for the signature; selecting one of the supported hashing algorithms for the signature and the corresponding one of the plurality of hashes of the message from the inverted signature; performing a hash on the message received from the originating computing device utilizing the selected one of the supported hashing algorithms to generate a local hash of the message; comparing the local hash of the message to the corresponding one of the plurality of hashes of the message from the inverted signature; and verifying or refuting the signature at the receiving computing device based on the comparison of the local hash to the hash of the message from the inverted signature. - View Dependent Claims (34, 35, 36, 37, 38, 39, 40)
-
-
41. One or more non-transitory computer readable storage media having instructions stored thereon that, when executed by an originating computing device, the instructions cause the originating computing device to perform operations including:
-
retrieving, at the originating computing device, a message for signing at the originating computing device to yield a signature for the message; identifying multiple hashing algorithms to be supported by the signature; for each of the multiple hashing algorithms identified to be supported by the signature, hashing the message to yield multiple hashes of the message corresponding to the multiple hashing algorithms identified; constructing a single digest having therein each of the multiple hashes of the messages corresponding to the multiple hashing algorithms identified and further specifying the multiple hashing algorithms to be supported by the signature; applying a signing algorithm to the single digest using a private key of the originating computing device to yield the signature for the message; and distributing the message and the signature to receiving computing devices. - View Dependent Claims (42, 43)
-
-
44. A receiving computing device, comprising:
-
a processor and a memory; an interface to receive a message and a signature for the message at the receiving computing device from an originating computing device, the originating computing device having created the signature for the message; the interface to further retrieve a public key associated with the originating computing device for use in verifying the signature; and a security module to; (i) invert the signature via the public key to yield a plurality of hashes of the message by the originating computing device and a specification of supported hashing algorithms for the signature, (ii) select one of the supported hashing algorithms for the signature and the corresponding one of the plurality of hashes of the message from the inverted signature, (iii) perform a hash on the message received from the originating computing device utilizing the selected one of the supported hashing algorithms to generate a local hash of the message, (iv) compare the local hash of the message to the corresponding one of the plurality of hashes of the message from the inverted signature, and (v) verify or refute the signature at the receiving computing device based on the comparison of the local hash to the hash of the message from the inverted signature. - View Dependent Claims (45, 46)
-
Specification