Method, apparatus and article for identification and signature
First Claim
1. A method of creating a unique identifier for use by an entity which cannot be forged by others including those capable or verifying the entity, comprising the steps of:
- (a) selecting a modulus n which is the product of at least two secret primes;
(b) selecting a pseudo random function f capable of mapping arbitrary strings to numbers;
(c) preparing a string I containing information unique to an entity;
(d) selecting k distinct values of j so that each vj =f(I,j) is a residue (mod n) having a root sj ;
(e) computing roots sj of vj-1 (mod n);
(f) recording on a retrievable medium of an identifier I, k, sj and related indices j.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for simple identification and signature which enable any user to prove his identity and the authenticity of his messages to any other user. The method and apparatus are provably secure against any known or chosen message attack if factoring is difficult, and require only 1% to 4% of the number of modular multiplications previously required. The simplicity, security and speed of the method and apparatus derive from microprocessor-based devices which may be incorporated into smart cards, personal computers, passports, and remote control systems.
441 Citations
42 Claims
-
1. A method of creating a unique identifier for use by an entity which cannot be forged by others including those capable or verifying the entity, comprising the steps of:
-
(a) selecting a modulus n which is the product of at least two secret primes; (b) selecting a pseudo random function f capable of mapping arbitrary strings to numbers; (c) preparing a string I containing information unique to an entity; (d) selecting k distinct values of j so that each vj =f(I,j) is a residue (mod n) having a root sj ; (e) computing roots sj of vj-1 (mod n); (f) recording on a retrievable medium of an identifier I, k, sj and related indices j. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 18, 19, 20, 21, 22, 23, 24, 25, 26, 32, 33, 34, 35, 36, 37, 40, 41, 42)
-
-
15. Apparatus for creating a unique identifier for use by an entity and unforgeable by others including those capable of verifying the entity, comprising:
-
(a) means for selecting k distinct indices of j so that each vj =f(I,j) is a quadratic residue (mod n); (b) where f is a pseudo random function f capable of mapping arbitrary strings to numbers in the range (0,n) and n is a modulus which is the product of at least two secret primes and I is a string containing information unique to an entity; (c) means for computing roots sj of vj- 1 (mod n); and (d) means for recording on a retrievable medium of an identifier I, sj and related indices. - View Dependent Claims (16, 17, 38, 39)
-
-
27. An identifier comprising microprocessor means, memory means and I/O means and having recorded in said memory means a string I containing information unique to an entity, a modulus n which is the product of at least two secret primes, a pseudo random function f capable of mapping arbitrary strings to numbers, indices;
- and values vj which are quadratic residues (mod n), values sj which are roots of vj-1 (mod n), said microprocessor means including selection means for selecting a number ri ε
(O,n), and computing means for computing xi =ri2 (mod n) and ##EQU13## in responsive to receiving a binary vector ei1...eik. - View Dependent Claims (28, 29, 30, 31)
- and values vj which are quadratic residues (mod n), values sj which are roots of vj-1 (mod n), said microprocessor means including selection means for selecting a number ri ε
Specification