Adaptive multi-step digital signature system and method of operation thereof
First Claim
Patent Images
1. A multi-step digital signature system, comprising:
- a distributed certifying authority;
said distributed certifying authority including a plurality of certifying authority members, wherein approval of a plurality of said plurality of certifying authority members is required to generate a digital signature for the distributed certifying, authority, wherein at least one of said plurality of certifying authority members includes an input device for receiving instructions from a plurality of signing officers.
3 Assignments
0 Petitions
Accused Products
Abstract
A multi-step digital signature system and method is provided having a distributed root certifying authority 20. Messages received at the root certifying authority 20 are distributed to root certifying authority members 22-30 who attach partial signatures to the message using root key fragments. In the system and method provided, the system adapts to system events such as the addition or removal of key fragment holders, the need to modify key fragments, etc., by changing key fragments.
260 Citations
17 Claims
-
1. A multi-step digital signature system, comprising:
-
a distributed certifying authority; said distributed certifying authority including a plurality of certifying authority members, wherein approval of a plurality of said plurality of certifying authority members is required to generate a digital signature for the distributed certifying, authority, wherein at least one of said plurality of certifying authority members includes an input device for receiving instructions from a plurality of signing officers. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A multi-step digital signature system, comprising
a distributed certifying authority, said distributed certifying authority including a plurality of certifying authority members, wherein approval of a plurality of said plurality of certifying authority members is required to generate a digital signature for the distributed certifying, authority, wherein said distributed certifying authority is one of a plurality of certifying authorities communicating to form a plurality of hierarchical certifying tiers, wherein at least one of said plurality of certifying authority members of said distributed certifying authority includes an input device for receiving instructions from a plurality of signing officers.
-
13. A method for decreasing the verification chain length in a hierarchical digital signature system, comprising the steps of:
-
obtaining a signature certificate for a user from a certifying authority at a first tier of said hierarchical digital signature system; presenting said signature certificate from said first tier certifying authority to a higher tier certifying authority; receiving, from said higher tier certifying authority, a certificate authenticating the signature of the first tier certifying authority; and presenting said authenticating certificate of said higher tier certifying authority from a user to a verifier.
-
-
14. A method of generating a digital signature in a n-of-n multi-step digital signature system having n certifying authority members in a distributed certifying authority, comprising the steps of:
-
receiving, at said distributed certifying authority, a message (m) to be signed; distributing said message to each of said n certifying authority members; preparing separate messages (HASHr), at each of said certifying authority members, in accordance with a method including the following steps; selecting a random number (k); calculating a value (r) from said random number (k) using the function
space="preserve" listing-type="equation">r=g.sup.kD(m, HASH) mod p;calculating the HASH of said r value to obtain HASHr; distributing said HASHr values such that the HASHr value prepared by each certifying authority member is received by each of the other n-1 certifying authority members; distributing said r values such that the HASHr value prepared by each certifying authority member is received by each of the other n-1 certifying authority members; confirming, at each of the certifying authority members, the r values for each of the other n-1 certifying authority members using the function SHA(r)=HASHr; computing, at each of the certifying authority members, a composite r value as the product of all of the r values; computing, at each of the certifying authority members, a signature fragment value using the composite r value.
-
-
15. A method of generating a digital signature in a n-of-n multi-step digital signature system having n certifying authority members in a distributed certifying authority, comprising the steps of:
-
receiving, at said distributed certifying authority, a message (m) to be signed; distributing said message to each of said n certifying authority members; computing a separate value (r), at each of said certifying authority members, in accordance with a method including the following steps; selecting a random number (k); calculating a value (r) from said random number (k) using the function
space="preserve" listing-type="equation">r=g.sup.kD(m, HASH) mod p;providing evidence that the discrete log of r mod p is known; distributing said evidence such that the evidence of each certifying authority member is received by each of the other n-1 certifying authority members; distributing said r values such that the r value computed by each certifying authority member is received by each of the other n-1 certifying authority members; verifying, at each of the certifying authority members, the evidence to confirm the knowledge of the discrete log of the r values of each of the other n-1 certifying authority members; computing, at each of the certifying authority members, a composite r value as the product of all of the r values; computing, at each of the certifying authority members, a signature fragment value using the composite r value.
-
-
16. In a k-of-n multi-step digital signature system, a method of identifying the k members that participated in generating a signature, comprising the steps of:
-
appending a set of n bits to the end of the message to be signed wherein each of said n bits is associated with one of said n members of the k-of-n multi-step digital signature system; indicating with said n bits which k members participated in generating said signature. - View Dependent Claims (17)
-
Specification