Data card verification system
Abstract
A method for verifying the authenticity of messages exchanged between a pair of correspondents in an electronic transaction conducted over a data transmission system where the correspondents each include respective signing and verifying portions of a first signature scheme and a second signature scheme different from the first and utilizing an elliptic curve cryptosystem.
8 Claims
1. A method of verifying the authenticity of messages exchanged between a pair of correspondents in an electronic transaction conducted over a data transmission system, said correspondents each including respective signing and verifying portions of a first signature scheme and a second signature scheme different to said first scheme and utilizing an elliptic curve crypto system said method comprising the steps of:
one of said correspondents signing a message according to a signing portion of one of said schemes associated with said one correspondent to provide a first signed message and transmitting said first signed message to another of said correspondents;
said other correspondent utilizing said verifying portion of said one signature scheme to verify said first signed message received from said one correspondent;
said other correspondent signing a message by utilizing said signing portion of the other of said signature schemes to provide a second signed message and transmitting a second signed message to said one correspondent;
said one correspondent verifying said second signed message received from said other correspondent by utilizing said verification portion of said other of said signature schemes, wherein one of said signature and one of said verifications is performed according to said second signature scheme utilizing an elliptic curve cryptosystem; and
rejecting said transaction if either verification fails.
Dependent claims: 2, 3, 4
5. A method of verifying the authenticity of messages exchanged between a pair of correspondents in an electronic transaction conducted over a data transmission system, said correspondents each including respective signing and verifying portions of a first signature scheme and a second signature scheme, different from said first scheme and utilizing an elliptic curve crypto system said method comprising the steps of:
one of said correspondents transmitting to another of said correspondents, a first certificate including public key and identification information of said first correspondent;
said other correspondent verifying said certificate and extracting said public key and said identification information therefrom;
said other correspondent generating a first challenge R1 and transmitting said challenge to said one correspondent;
said one correspondent signing said received challenge R1 in accordance with said signing portion of one of said signature schemes to provide a second certificate C2;
said one correspondent generating a second challenge and transmitting said second challenge along with said certificate C2 to said other correspondent;
said other correspondent verifying said certificate C2 in accordance with said verification portion of one of said signature schemes;
said other correspondent signing said second challenge R2 in accordance with said signing portion of the other of said signature schemes to provide a third certificate and transmitting said third certificate to said one correspondent; and
said one correspondent verifying said third certificate in accordance with said verification portion of said other of said signature schemes, and rejecting said transaction if either said signature is not verified.
6. A smart card for use in an electronic transaction with a correspondent, said card comprising:
a memory including a verification algorithm of a first signature scheme to implement a verification of a signature performed according to a first signature generation algorithm by said correspondent;
a signing algorithm of a second signature scheme different to said first signature scheme and utilizing elliptic curve cryptography, said algorithm implementing a signature according to a second signature generation algorithm;
a program for invoking said algorithms; and
processor means for running said first verification algorithm for verifying a first message signed by said correspondent and for running said second signature for signing a second message for transmission to said correspondent.
Dependent claims: 7, 8
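The challenge-response exchange of claim 5, with the card-side split of claim 6 (the card signs with the elliptic-curve scheme and verifies the other scheme), as an added example that is not part of the patent text. Assumptions: toy unpadded RSA stands in for the first scheme, ECDSA over secp256k1 for the second, the `transaction` helper and all names are hypothetical, and the first-certificate step is skipped by treating both public keys as already trusted.

```python
import hashlib, secrets
# Scheme 2: ECDSA; secp256k1 is this example's choice, the claims name no curve.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
# Scheme 1: hash-then-sign RSA on two Mersenne primes (toy size, no padding).
RN, E = (2**127 - 1) * (2**89 - 1), 65537
D = pow(E, -1, (2**127 - 2) * (2**89 - 2))
def H(m): return int.from_bytes(hashlib.sha256(m).digest(), "big")
def rsa_sign(m): return pow(H(m) % RN, D, RN)
def rsa_verify(m, s): return pow(s, E, RN) == H(m) % RN

def ec_add(A, B):
    if A is None or B is None: return A or B
    if A[0] == B[0] and (A[1] + B[1]) % P == 0: return None  # point at infinity
    m = (3 * A[0] ** 2 * pow(2 * A[1], -1, P) if A == B
         else (B[1] - A[1]) * pow((B[0] - A[0]) % P, -1, P))
    x = (m * m - A[0] - B[0]) % P
    return (x, (m * (A[0] - x) - A[1]) % P)

def ec_mul(k, A):
    R = None
    while k:  # double-and-add
        if k & 1: R = ec_add(R, A)
        A, k = ec_add(A, A), k >> 1
    return R

def ecdsa_sign(d, m):
    k = secrets.randbelow(N - 1) + 1  # fresh nonce per signature
    r = ec_mul(k, G)[0] % N
    return r, pow(k, -1, N) * (H(m) + r * d) % N

def ecdsa_verify(Q, m, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N): return False
    w = pow(s, -1, N)
    X = ec_add(ec_mul(H(m) * w % N, G), ec_mul(r * w % N, Q))
    return X is not None and X[0] % N == r

def transaction(tamper_c2=False, tamper_c3=False):
    d = secrets.randbelow(N - 1) + 1   # card's EC private key
    Q = ec_mul(d, G)                   # card's public key, known to the terminal
    r1, r2 = secrets.token_bytes(16), secrets.token_bytes(16)  # challenges R1, R2
    c2 = ecdsa_sign(d, r1)             # card signs R1 with scheme 2 -> C2
    c3 = rsa_sign(r2)                  # terminal signs R2 with scheme 1 -> third certificate
    if tamper_c2: c2 = (c2[0], c2[1] ^ 1)   # constructed in-transit modification
    if tamper_c3: c3 ^= 1
    return ecdsa_verify(Q, r1, c2) and rsa_verify(r2, c3)  # reject if either fails
```

`transaction()` accepts an untouched exchange; flipping one bit of either signature makes the corresponding verification fail and the transaction is rejected.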
Specification