Platform and method for establishing trust without revealing identity
Abstract
One aspect of an embodiment of the invention provides a method and platform to prove to a challenger that a responder device possesses cryptographic information from a certifying manufacturer. This is accomplished by performing a direct proof by the responder device to prove that the responder device possesses the cryptographic information. The direct proof comprises at least one exponentiation being conducted using an exponent having a bit length no more than one-half a bit length of a modulus (n).
10 Claims
1. A method comprising:
- receiving a request for information by a cryptographic device; and
- proving in a single direct proof that a value was signed by a signature key without revealing the value, the single direct proof comprises a plurality of exponentiations of which all of the plurality of exponentiations are conducted using a fixed exponent less in bit length than a bit length of a modulus (n), the plurality of exponentiations conducted are of the form h^t mod P, where h is a unique number, t is randomly chosen between an interval between 0 and W, P is a prime number, and W is a number greater than 2^80.

Dependent claims: 2, 3, 4, 5
6. A platform comprising:
- a bus;
- a network interface card coupled to the bus; and
- a processor coupled to the bus; and
- a trusted platform module coupled to the processor, in response to a challenge received over the network interface card, the trusted platform module to perform a direct proof in order to prove that the trusted platform module has a digital signature from a device manufacturer and the digital signature is valid without revealing the digital signature, the direct proof comprises a plurality of exponentiations each being conducted using an exponent having a bit length no more than one-half a bit length of a modulus (n), the plurality of exponentiations feature a format h^t mod P, where “h” is a unique number, “t” is randomly chosen number, and “P” is a prime number.

Dependent claims: 7, 8, 9, 10
Specification