Programmed computer for identity verification, forming joint signatures and session key agreement in an RSA public cryptosystem
First Claim
1. An article of manufacture for use in a cryptosystem, comprising:
- computer readable storage medium; and
computer programming stored on said storage medium;
wherein said stored computer programming is configured to be readable from said computer readable storage medium by a computer and thereby cause said computer to operate so as to;
generate a private exponent key, having an associated modulus N of a predetermined bit length, and a corresponding public exponent key;
divide said private exponent key into a first private key portion, having a bit length of no greater than fifteen percent of the bit length of the associated modulus N but not less than 56 bits, and a second private key portion;
direct said first private key portion to a first user; and
direct said second private key portion to a selected one or more other users of the RSA system.
3 Assignments
0 Petitions
Accused Products
Abstract
An article of manufacture for improving an RSA cryptosystem, includes computer readable storage medium with computer programming stored thereon. The stored computer programming is configured to be readable from the computer readable storage medium by a computer and thereby cause the computer to operate so as to generate a private exponent key, having an associated modulus N of a predetermined bit length and a bit length of no greater than fifteen percent of the bit length of the associated modulus N but not less than 56 bits, and a corresponding public exponent key, to divide the private exponent key into a first private key portion and a second private key portion, to direct said first private key portion to a first user, and to direct the second private key portion to one or more other users of the RSA system.
-
Citations
20 Claims
-
1. An article of manufacture for use in a cryptosystem, comprising:
-
computer readable storage medium; and computer programming stored on said storage medium; wherein said stored computer programming is configured to be readable from said computer readable storage medium by a computer and thereby cause said computer to operate so as to; generate a private exponent key, having an associated modulus N of a predetermined bit length, and a corresponding public exponent key; divide said private exponent key into a first private key portion, having a bit length of no greater than fifteen percent of the bit length of the associated modulus N but not less than 56 bits, and a second private key portion; direct said first private key portion to a first user; and direct said second private key portion to a selected one or more other users of the RSA system. - View Dependent Claims (2, 3)
-
-
4. A programmed computer for use in a cryptosystem, comprising:
-
a processor configured to generate a private exponent key, having an associated modulus N of a predetermined bit length, and a corresponding public exponent key, to divide said private exponent key into a first private key portion, having a bit length of no greater than fifteen percent of the bit length of the associated modulus N but not less than 56 bits, and a second private key portion, to direct said first private key portion to a first user, and to direct said second private key portion to a selected one or more other users of the RSA system; and storage medium configured to store the public exponent key. - View Dependent Claims (5, 6)
-
-
7. An article of manufacture for use in a cryptosystem in which each user is associated with a private exponent key having an associated modulus N of a predetermined bit length, and a corresponding public exponent key, said private exponent key being divided into two private key portions, one private key portion being available to a first user, and the other private key portion being available to a second user of the cryptosystem, comprising:
-
computer readable storage medium; and computer programming stored on said storage medium; wherein said stored computer programming is configured to be readable from said computer readable storage medium by a computer and thereby cause said computer to operate so as to; transform a message from the first user with a first private key portion having a bit length no greater than fifteen percent of the modulus N but not less than 56 bits; and direct the transformed message to the second user, wherein the message is recoverable by applying a second private key portion and public exponent key thereto to verify that the message is from the first user. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A programmed computer for use in a cryptosystem in which each user is associated with a private exponent key having an associated modulus N of a predetermined bit length, and a corresponding public exponent key, said private exponent key being divided into two private key portions, one private key portion being available to a first user, and another private key portion being available to a second user of the cryptosystem, comprising:
-
a processor configured to transform a message from the first user with a first private key portion having a bit length no greater than fifteen percent of the modulus N but not less than 56 bits, and to direct the transformed message to the second user, wherein the message is recoverable by applying a second private key portion and public exponent key thereto to verify that the message is from the first user; and a storage medium configured to store the public exponent key. - View Dependent Claims (13, 14, 15, 16)
-
-
17. An article of manufacture for use in a cryptosystem in which each user is associated with a private exponent key and a corresponding public exponent key, said private exponent key being divided into two private key portions, one private key portion being available to a first user, and the other private key portion being available to a second user of the cryptosystem, and the public exponent key being available to said first and second users, comprising:
-
computer readable storage medium; and computer programming stored on said storage medium; wherein said stored computer programming is configured to be readable from said computer readable storage medium by a computer and thereby cause said computer to operate so as to; transform a first number with a first private key portion having a bit length of (i) no greater than fifteen percent of a bit length of an associated modulus N and (ii) not less than 56 bits; direct the transformed first number to the second user, wherein the first number is recoverable by applying a second private key portion and public exponent key thereto; recover a second number, transformed with the second private key portion, by applying said first private key portion and the public exponent key to the transformed second number; multiply the first number and the second number to form a joint symmetric session encryption key; and transform a communication between said first user and said second user with said session encryption key. - View Dependent Claims (18)
-
-
19. A programmed computer for use in a cryptosystem in which each user is associated with a private exponent key and a corresponding public exponent key, said private exponent key being divided into two private key portions, one private key portion being available to a first user, and the other private key portion being available to a second user of the cryptosystem, and the public exponent key being available to said first and second users, comprising:
-
a processor configured (i) to transform a first number with a first private key portion having a bit length of no greater than fifteen percent of a bit length of an associated modulus N and not less than 56 bits, (ii) to direct the transformed first number to the second user, wherein the first number is recoverable by applying a second private key portion and public exponent key thereto, (iii) to recover a second number, transformed with the second private key portion, by applying said first private key portion and the public exponent key to the transformed second number, (iv) to multiply the first number and the second number to form a joint symmetric session encryption key, and (v) to transform a communication between said first user and said second user with said session encryption key; and a storage medium configured to store the session encryption key. - View Dependent Claims (20)
-
Specification