Auto-recoverable and auto-certifiable cryptosystem with unescrowed signing keys
First Claim
1. A method and apparatus for generating a public key for encryption and signature verification and a proof that the keys were generated by a specific algorithm comprising the steps of:
- A) the user'"'"'s system generating a random string of bits based on system parameters;
B) the user running a key generation algorithm to get a private signing key, private decryption key, and a public key using the random string and public parameters;
C) the user constructing a proof which does not compromise the private keys but at the same time provides confidence to other verifying entities that said keys were generated properly by the specified algorithm.
0 Assignments
0 Petitions
Accused Products
Abstract
A method is provided for an escrow cryptosystem combined with an unescrowed digital signature scheme that uses a single public key per user. This system is overhead-free, does not require a cryptographic tamper-proof hardware implementation (i.e., can be done in software), and is publicly verifiable. The system cannot be used subliminally to enable a shadow public key system. Namely, an unescrowed public key system that is publicly displayed in a covert fashion. The cryptosystem contains a key generation mechanism that outputs a key triplet, and a certificate of proof that the keys were generated according to the algorithm. The key triplet consists of a public key, a private decryption key, and a private signing key. Using the public key and the certificate, the triplet can be verified efficiently by anyone to have the following properties: (1) the private signing key is known to the user, and (2) the private decryption key is recoverable by the escrow authorities. The system assures that the escrow authorities are not able to forge signatures or get the private signing key. The system is designed so that its internals can be made publicly scrutinizable (e.g., it can be distributed in source code form).
-
Citations
20 Claims
-
1. A method and apparatus for generating a public key for encryption and signature verification and a proof that the keys were generated by a specific algorithm comprising the steps of:
-
A) the user'"'"'s system generating a random string of bits based on system parameters; B) the user running a key generation algorithm to get a private signing key, private decryption key, and a public key using the random string and public parameters; C) the user constructing a proof which does not compromise the private keys but at the same time provides confidence to other verifying entities that said keys were generated properly by the specified algorithm.
-
-
2. A method for users in a cryptosystem wherein each user has one public key, a corresponding private decryption key, and a corresponding different private signing key comprising of the following set of operations:
-
A) an encryption operation where user A encrypts a message intended for user B using the public key of said user B; B) a decryption operation where user B decrypts a message sent from user A using the private decryption key of user B; C) a signature operation where user A signs a message intended for user B using the private signing key of said user A; D) a signature verification operation where user B verifies a message allegedly sent from user A using said public key of said user A.
-
-
3. A method, using a cryptosystem, for a user to digitaly sign a message m such that the other users can verify the resulting signature using said users public key, where the public key, private decryption key, and private signing key of said user are drawn from at least three different domains, F1, F2, and F3, where the signing operation comprises the steps of:
-
choosing at least one value uniformly at random from one of said domains; using said random value to compute a digital signature s, where s consists of at least two values drawn from said set of domains; outputing s to the user; and the signature verification operation performed by said other users comprises of using said users public key, system parameters, said user'"'"'s said digital signature s, and said user'"'"'s message m to check validity conditions derived from said signing operation.
-
-
4. A cryptosystem with encryption, decryption, signing, and signature verification operations whereby said operations are performed in any of three domains, F1, F2, and F3 such that F1 is the exponent domain of F2 and F2 is the exponent domain of F3.
-
5. A method for public key cryptosystem including a subset of the operations of encryption, decryption, key exchange, signing, signature verification, and authentication, involving a public key function based on nested trapdoors functions.
-
6. A method for generating a public key and a private key, for signing messages, and for verifying messages, where said private key can be used to electronically sign documents but which cannot be used in whole or in part to decrypt data which is encrypted using said public key.
- 7. A method comprised of the generation of a public key for encryption and signature verification according to a specified algorithm and for the correctness validation of said generation, wherein said public key is generated based on system parameters together with a corresponding decryption private key and signing private key which remains secure, and where said correctness validation is based on a validation proof which comprises additional strings of information which do not compromise the security of said private keys and at the same time enables other entities with access to said public key and said additional strings to execute a validation procedure which assures said other entities that said public key was generated properly according to said specified algorithm.
Specification