EFFICIENT POST-QUANTUM ANONYMOUS ATTESTATION WITH SIGNATURE-BASED JOIN PROTOCOL AND UNLIMITED SIGNATURES
Abstract
In one example an apparatus comprises a computer readable memory; and a signature module to generate a set of cryptographic keys for attestation of group member devices and a set of leaf nodes in a sub-tree of a Merkle tree corresponding to the set of cryptographic keys, forward the set of leaf nodes to a group manager device, receive, from the group manager device, a subset of intermediate nodes in the Merkle tree, the intermediate nodes being common to all available authentication paths through the Merkle tree for signatures originating in the sub-tree, and determine a cryptographic key that defines an authentication path through the Merkle tree, the authentication path comprising one or more nodes from the set of leaf nodes and one or more nodes from the intermediate nodes received from the group manager device. Other examples may be described.
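The join exchange described in the abstract, sketched as an added example (not code from the patent): the member builds its sub-tree leaves, the manager returns the nodes above the sub-tree, and the member assembles a full authentication path for any of its keys. SHA-256, the power-of-two sub-tree size in an aligned slot, the random stand-in keys and all function names are assumptions.

```python
import hashlib, os

def H(a, b):                      # SHA-256 node hash (assumption)
    return hashlib.sha256(a + b).digest()

def build_levels(leaves):
    """All levels of a binary Merkle tree, leaves first, root last."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([H(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def auth_path(levels, index):
    """Sibling of the path node on every level below the top one, bottom-up."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index >>= 1
    return path

def root_from_path(leaf, index, path):
    node = leaf
    for sib in path:
        node = H(sib, node) if index & 1 else H(node, sib)
        index >>= 1
    return node

def member_keygen(n_keys):
    """Member: stand-in random keys (constructed); each leaf is a key's hash."""
    keys = [os.urandom(32) for _ in range(n_keys)]
    return keys, [hashlib.sha256(k).digest() for k in keys]

def manager_join(all_leaves, slot, sub_size):
    """Manager: tree root plus the siblings from the sub-tree root up to the root."""
    levels = build_levels(all_leaves)
    return levels[-1][0], auth_path(levels[sub_size.bit_length() - 1:], slot)

def member_path(sub_leaves, upper, key_index):
    """Member: siblings inside the sub-tree, then the manager's common nodes."""
    return auth_path(build_levels(sub_leaves), key_index) + upper

def demo(sub_size=4, slots=4, slot=2):
    _keys, sub_leaves = member_keygen(sub_size)
    others = [os.urandom(32) for _ in range(sub_size * (slots - 1))]  # constructed
    base = slot * sub_size
    root, upper = manager_join(others[:base] + sub_leaves + others[base:], slot, sub_size)
    ok = all(root_from_path(sub_leaves[i], base + i, member_path(sub_leaves, upper, i)) == root
             for i in range(sub_size))
    return ok, len(upper), len(member_path(sub_leaves, upper, 0))
```

The same `upper` list verifies every key in the sub-tree, so the manager sends it once at join time regardless of how many keys the member later uses.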
21 Claims
1. An apparatus, comprising:
- a computer readable memory;
- a signature module to:
  - generate a set of cryptographic keys for attestation of group member devices and a set of leaf nodes in a sub-tree of a Merkle tree corresponding to the set of cryptographic keys;
  - forward the set of leaf nodes to a group manager device;
  - receive, from the group manager device, a subset of intermediate nodes in the Merkle tree, the intermediate nodes being common to all available authentication paths through the Merkle tree for signatures originating in the sub-tree; and
  - determine a cryptographic key that defines an authentication path through the Merkle tree, the authentication path comprising one or more nodes from the set of leaf nodes and one or more nodes from the intermediate nodes received from the group manager device.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A computer-implemented method, comprising:
- generating a set of cryptographic keys for attestation of group member devices and a set of leaf nodes in a sub-tree of a Merkle tree corresponding to the set of cryptographic keys;
- forwarding the set of leaf nodes to a group manager device;
- receiving, from the group manager device, a subset of intermediate nodes in the Merkle tree, the intermediate nodes being common to all available authentication paths through the Merkle tree for signatures originating in the sub-tree; and
- determining a cryptographic key that defines an authentication path through the Merkle tree, the authentication path comprising one or more nodes from the set of leaf nodes and one or more nodes from the intermediate nodes received from the group manager device.

Dependent claims: 9, 10, 11, 12, 13, 14

15. A non-transitory computer-readable medium comprising instructions which, when executed by a processor, configure the processor to perform operations, comprising:
- storing a public key associated with a signing device in a computer-readable medium;
- generating a set of cryptographic keys for attestation of group member devices and a set of leaf nodes in a sub-tree of a Merkle tree corresponding to the set of cryptographic keys;
- forwarding the set of leaf nodes to a group manager device;
- receiving, from the group manager device, a subset of intermediate nodes in the Merkle tree, the intermediate nodes being common to all available authentication paths through the Merkle tree for signatures originating in the sub-tree; and
- determining a cryptographic key that defines an authentication path through the Merkle tree, the authentication path comprising one or more nodes from the set of leaf nodes and one or more nodes from the intermediate nodes received from the group manager device.

Dependent claims: 16, 17, 18, 19, 20, 21

Specification