Multi-step digital signature method and system
Abstract
A multi-step signing system and method uses multiple signing devices to affix a single signature which can be verified using a single public verification key. Each signing device possesses a share of the signature key and affixes a partial signature in response to authorization from a plurality of authorizing agents. In a serial embodiment, after a first partial signature has been affixed, a second signing device exponentiates the first partial signature. In a parallel embodiment, each signing device affixes a partial signature, and the plurality of partial signatures are multiplied together to form the final signature. Security of the system is enhanced by distributing capability to affix signatures among a plurality of signing devices and by distributing authority to affix a partial signature among a plurality of authorizing agents.
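The serial and parallel embodiments described in the abstract, as an added example that is not code from the patent. It assumes textbook RSA with a constructed toy key (the page does not name the algorithm), multiplicative key shares for the serial case and additive shares for the parallel case; `SigningDevice`, `partial_sign` and the agent names are hypothetical.

```python
import hashlib, math, secrets

# Constructed toy key (two Mersenne primes); textbook RSA without padding, illustration only.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N, PHI = P * Q, (P - 1) * (Q - 1)
D = pow(E, -1, PHI)                  # full private exponent, known only to the share dealer

def digest(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def additive_shares(n):              # assumed parallel split: d = d_1 + ... + d_n (mod phi)
    shares = [secrets.randbelow(PHI) for _ in range(n - 1)]
    return shares + [(D - sum(shares)) % PHI]

def multiplicative_shares(n):        # assumed serial split: d = d_1 * ... * d_n (mod phi)
    shares = []
    while len(shares) < n - 1:
        c = secrets.randbelow(PHI)
        if math.gcd(c, PHI) == 1:    # each share must be invertible mod phi
            shares.append(c)
    return shares + [D * pow(math.prod(shares), -1, PHI) % PHI]

class SigningDevice:
    def __init__(self, share, certified_agents, quorum):
        self.share, self.agents, self.quorum = share, set(certified_agents), quorum

    def partial_sign(self, value, approvals):
        # Refuse unless a minimum number of distinct certified agents authorized.
        if len(self.agents & set(approvals)) < self.quorum:
            raise PermissionError("authorization quorum not met")
        return pow(value, self.share, N)

def sign_parallel(devices, message, approvals):
    m = digest(message)              # partial signatures are multiplied together
    return math.prod(d.partial_sign(m, approvals) for d in devices) % N

def sign_serial(devices, message, approvals):
    value = digest(message)
    for d in devices:                # each device exponentiates the previous output
        value = d.partial_sign(value, approvals)
    return value

def verify(message, signature):      # one public key verifies either embodiment
    return pow(signature, E, N) == digest(message)
```

Both paths yield the same value as signing with the whole key, so a verifier cannot tell how many devices took part, and any proper subset of partial signatures fails verification.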
17 Claims
1. A digital signing method comprising steps of:
generating shares of a private signature key;
storing shares in separate electronic signing devices;
certifying multiple authorizing agents for signing devices; and
for each of a plurality of signing devices, affixing a partial signature to an electronic message in response to authorization from a minimum number of authorizing agents;
wherein a plurality of partial signatures constitutes a digital signature.
Dependent claims: 4, 5, 6, 7, 8, 9, 10, 11, 12

2. A system for affixing digital signatures to electronic documents comprising:
a plurality of intercommunicative signing devices, each signing device comprising an electronic device programmed to receive an electronic document and to affix a partial signature using a signature key share in response to a predetermined number of authorizations; and
a plurality of authorizing agents, each agent communicative with an associated signing device, each agent comprising an electronic device programmed to provide an authorization to an associated signing device.
Dependent claims: 13, 14, 15, 16, 17

3. A system of interlocked rings of signing devices for affixing digital signatures to electronic documents comprising:
a first set of signing devices, said first set comprising a plurality of electronic devices, each device programmed to receive an electronic document and affix a partial signature for a first signature key, a plurality of said partial signatures comprising a first digital signature;
a second set of signing devices, said second set comprising a plurality of electronic devices, each device programmed to receive an electronic document and affix a partial signature for a second signature key, a plurality of said partial signatures comprising a second digital signature;
wherein said first set of signing devices includes at least one member which is not in said second set, and said first and second sets include at least one common member.
Specification