Compact certification with threshold signatures

US 5,610,982 A
Filed: 05/15/1996
Issued: 03/11/1997
Est. Priority Date: 05/15/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method of certifying data, comprising the steps of:

(a) a subgroup of authorities each contributing a partial digital signature of the data, the partial digital signature being a component used to compute a combined signature, wherein the subgroup includes some, but not all, of the authorities configured to apply a partial signature to the data;

(b) issuing a certificate for the data if the combined signature is valid; and

(c) storing accountability information that renders the subgroup of authorities accountable for the data that the subgroup of authorities contribute to certify.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Certifying data includes having a subgroup of authorities each contribute a partial digital signature of the data to enable computation of a combined signature where the subgroup includes some, but not all, of the total number of authorities capable of applying a partial signature to the data, issuing a certificate for the data, and storing information in order to keep the subgroup of authorities accountable for the data that the subgroup of authorities contribute to eerily. In another scheme, certifying data can include having one or more lower-level authorities cause top-level authorities to receive an indication that the data is to be certified. A first subgroup of top-level authorities each applies a partial digital signature to the data. A certificate is issued containing a combined digital signature of a second subgroup of top-level authorities.

115 Citations

36 Claims

1. A method of certifying data, comprising the steps of:
- (a) a subgroup of authorities each contributing a partial digital signature of the data, the partial digital signature being a component used to compute a combined signature, wherein the subgroup includes some, but not all, of the authorities configured to apply a partial signature to the data;
  
  (b) issuing a certificate for the data if the combined signature is valid; and
  
  (c) storing accountability information that renders the subgroup of authorities accountable for the data that the subgroup of authorities contribute to certify.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. A method of certifying data, according to claim 1, wherein the certificate is issued by a single other authority.
  - 3. A method of certifying data, according to claim 2, wherein the certificate is issued with a digital signature of the other authority.
  - 4. A method of certifying data, according to claim 2, wherein the other authority contributes additional data that is included in the certificate.
  - 5. A method of certifying data, according to claim 1, wherein the certificate is issued by a plurality of other authorities.
  - 6. A method of certifying data, according to claim 5, wherein the certificate is issued with digital signatures of the plurality of other authorities.
  - 7. A method of certifying data, according to claim 5, wherein at leas one of the other authorities contributes additional data that is included in the certificate.
  - 8. A method of certifying data, according to claim 1, wherein the data that is certified is a public key.
  - 9. A method of certifying data, according to claim 8, wherein the data indicates that the public key belongs to a particular user.
  - 10. A method of certifying data, according to claim 8, wherein the public key is chosen to be used in connection with at least one of:
    - a digital signature system and a public key encryption system.
  - 11. A method of certifying data, according to claim 1, wherein the data is included in the certificate.
  - 12. A method of certifying data, according to claim 1, wherein the accountability information can be used to identify each member of the subgroup of authorities.
  - 13. A method of certifying data, according to claim 12, wherein the accountability information includes a combined digital signature of all of the subgroup of authorities.
  - 14. A method of certifying data, according to claim 1, wherein the combined signature is a multiple public key fully-accountable subset signature.
  - 15. A method of certifying data, according to claim 1, wherein the combined signature is a single public key fully-accountable subset signature.
  - 16. A method of certifying data, according to claim 1, wherein at least a portion of the accountability information is stored in the certificate.
  - 17. A method of certifying data, according to claim 16, wherein all of the information is stored in the certificate.

18. A method of certifying data, comprising the steps of:
- (a) one or more of a first group of authorities causing a plurality of a second group of authorities to receive an indication that the data is to be certified;
  
  (b) a first subgroup of the second group of authorities each applying a partial digital signature to the data; and
  
  (c) issuing a certificate containing a combined digital signature of a second subgroup of the second group of authorities in response to the partial digital signatures of the first subgroup being valid.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 19. A method of certifying data, according to claim 18, wherein the combined digital signature is a (t,n) threshold signature.
  - 20. A method of certifying data, according to claim 19, wherein the second subgroup of authorities is identical to the first subgroup of authorities.
  - 21. A method of certifying data, according to claim 19, wherein the second subgroup of authorities is a subset of the first subgroup of authorities.
  - 22. A method of certifying data, according to claim 19, wherein the plurality of authorities that receive an indication is identical to the first subgroup of authorities.
  - 23. A method of certifying data, according to claim 18, wherein the combined digital signature is a multiple public key fully-accountable subset signature.
  - 24. A method of certifying data, according to claim 23, wherein the second subgroup of authorities is identical to the first subgroup of authorities.
  - 25. A method of certifying data, according to claim 23, wherein the second subgroup of authorities is a subset of the first subgroup of authorities.
  - 26. A method of certifying data, according to claim 23, wherein the plurality of authorities that receive an indication is identical to the first subgroup of authorities.
  - 27. A method of certifying data, according to claim 18, wherein the combined digital signature is a single public key fully-accountable subset signature.
  - 28. A method of certifying data, according to claim 27, wherein second subgroup of authorities is identical to the first subgroup of authorities.
  - 29. A method of certifying data, according to claim 27, wherein the second subgroup of authorities is a subset of the first subgroup of authorities.
  - 30. A method of certifying data, according to claim 27, wherein the plurality of authorities that receive an indication is identical to the first subgroup of authorities.
  - 31. A method of certifying data, according to claim 18, wherein the combined digital signature keeps the second subgroup of authorities accountable for the data that the second group of authorities cause to be certified.
  - 32. A method of certifying data, according to claim 18, wherein the data that is certified is a public key.
  - 33. A method of certifying data, according to claim 32, wherein the data indicates that the public key belongs to a particular user.
  - 34. A method of certifying data, according to claim 32, wherein the public key is chosen to be used in connection with at least one of:
    - a digital signature system and a public key encryption system.
  - 35. A method of certifying data, according to claim 18, wherein the data is included in the certificate.
  - 36. A method of certifying data, according to claim 35, wherein at least one of the second group of authorities contributes additional data that is included in the certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Assa Abloy AB
Original Assignee
Silvio Micali
Inventors
Micali, Silvio
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/649,905
Time in Patent Office

300 Days
Field of Search

380/9, 380/21, 380/23, 380/25, 380/29, 380/30, 380/49, 380/50
US Class Current

713/157
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 9/3255   using group based signature...

H04L 9/3263   involving certificates, e.g...

Compact certification with threshold signatures

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

115 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Compact certification with threshold signatures

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

115 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links