Fair cryptosystems and methods of use
Abstract
A method, using a public-key cryptosystem, for enabling a predetermined entity to monitor communications of users suspected of unlawful activities while protecting the privacy of law-abiding users, wherein each user is assigned a pair of matching secret and public keys. According to the method, each user's secret key is broken into shares. Then, each user provides a plurality of "trustees" pieces of information. The pieces of information provided to each trustee enable that trustee to verify that such information includes a "share" of a secret key of some given public key. Each trustee can verify that the pieces of information provided include a share of the secret key without interaction with any other trustee or by sending messages to the user. Upon a predetermined request or condition, e.g., a court order authorizing the entity to monitor the communications of a user suspected of unlawful activity, the trustees reveal to the entity the shares of the secret key of such user. This enables the entity to reconstruct the secret key and monitor the suspect user's communications.
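As an added illustration (not code from the patent), the sketch below shows one way to get the property the abstract describes: each trustee checks on its own that its piece is a share of the secret key behind a given public key. It assumes a discrete-log key pair and additive all-of-n sharing, which this section does not specify; the group parameters and function names are constructed for the example and are far too small for real use.

```python
import secrets

# Constructed toy parameters: P = 2*Q + 1 is a safe prime, G generates the
# subgroup of prime order Q. Real deployments need a standardised large group.
P, Q, G = 2039, 1019, 4

def keygen():
    """User's key pair: secret x, public y = G^x mod P."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def split(x, n):
    """Break x into n additive shares and publish one commitment G^s per share."""
    shares = [secrets.randbelow(Q) for _ in range(n - 1)]
    shares.append((x - sum(shares)) % Q)        # shares sum to x mod Q
    commitments = [pow(G, s, P) for s in shares]
    return shares, commitments

def trustee_verify(i, share, commitments, public_key):
    """Run by trustee i alone, with no message to the user or other trustees.

    Check 1: the private share matches the commitment published for trustee i.
    Check 2: the commitments multiply to the public key, so the committed
             shares really add up to that key's secret exponent.
    """
    if pow(G, share, P) != commitments[i]:
        return False
    product = 1
    for c in commitments:
        product = product * c % P
    return product == public_key

def reconstruct(shares):
    """What the entity does once every trustee has revealed its share."""
    return sum(shares) % Q

if __name__ == "__main__":
    x, y = keygen()
    shares, commitments = split(x, 5)
    ok = all(trustee_verify(i, s, commitments, y) for i, s in enumerate(shares))
    print("all trustees accept:", ok)
    print("reconstructed key matches:", reconstruct(shares) == x)
```

With additive sharing every trustee must reveal its share before the key can be rebuilt; the "given number of trustees" wording in some claims corresponds to a threshold scheme, which this sketch does not implement.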
13 Claims
1. A method, using a public-key cryptosystem, for enabling a predetermined entity to monitor communications of users suspected of unlawful activities while protecting the privacy of law-abiding users, wherein each user is assigned a pair of matching secret and public keys, comprising the steps of:
- breaking each user's secret key into shares;
- providing trustees pieces of information enabling the trustees to verify that the pieces of information include shares of a secret key of some given public key; and
- upon a predetermined request, having the trustees reveal the shares of the secret key of a user suspected of unlawful activity to enable the entity to attempt reconstruction of the secret key; and
- monitoring communications to the suspect user during a time period specified in the predetermined request.
3. A method, using a cryptosystem, for enabling a predetermined entity to monitor communications of users suspected of unlawful activities while protecting the privacy of law-abiding users, comprising the steps of:
- providing trustees pieces of information that are guaranteed to include shares of at least a secret decryption key; and
- upon a predetermined request, having the trustees reveal the shares of the secret decryption key to enable the entity to attempt to monitor communications to the suspected user during a time period specified in the predetermined request.
4. A method, using a cryptosystem, for enabling a predetermined entity to monitor communications of users suspected of unlawful activities while protecting the privacy of law-abiding users, comprising the steps of:
- having trustees hold pieces of information, wherein a piece of information is guaranteed to include a share of secret decryption key; and
- upon a predetermined request, having a given number of trustees each reveal the piece of information that includes the share of at least one secret decryption key to enable the entity to monitor communications to the suspected user.
7. A method, using a cryptosystem, for enabling a predetermined entity to monitor communications of users suspected of unlawful activities while protecting the privacy of law-abiding users, wherein one user has at least a secret decryption key, comprising the steps of:
- having trustees hold pieces of information that are guaranteed to include shares of a secret decryption key; and
- upon a predetermined request, having a given number of trustees each reveal the piece of information that includes the share of the secret decryption key to enable the entity to attempt to monitor communications to the user suspected of unlawful activities.
9. A method for revealing a user's secret value, comprising the steps of:
- having trustees hold pieces of information, wherein a piece of information includes a share of secret value; and
- upon a predetermined request, having a given number of trustees each reveal the piece of information that includes the share of the secret value to enable the entity to reconstruct the secret value at a prescribed time specified in the predetermined request.
10. A method, using a cryptosystem, for enabling a predetermined entity to monitor communications of users suspected of unlawful activities while protecting the privacy of law-abiding users, comprising the steps of:
- having trustees hold pieces of information that are guaranteed to include shares of a secret decryption key;
- upon a predetermined request, having the trustees send information to a secure device having its own internal clock; and
- using the secure device to enable the entity to monitor communications to a suspect user for an amount of time as specified in the predetermined request.
11. A method, using a cryptosystem, for enabling a predetermined entity to verify that a user is sending messages encrypted by means of a secure device implementing the given cryptosystem, wherein the secure device contains a secret key known to the entity, comprising the steps of:
- having the secure device use the given cryptosystem to generate a first string, the first string being an encryption of a message;
- having the secure device use the secret key to generate a second string that guarantees to the entity that the first string was generated with the given cryptosystem.
12. A method, using a cryptosystem, for enabling a predetermined entity to confirm that users of a system exchange messages encrypted according to a predetermined algorithm, comprising the steps of:
- providing each user in the system with a secure chip containing at least one secret key unknown to the user; and
- having the user send encrypted messages using the secure chip; and
- with each encrypted message sent by a user, having the secure chip also send a data string, computed using the secret key, to guarantee the entity that the encrypted message was generated by the secure chip using the predetermined algorithm.
Specification