Facilitating digital signature based on ephemeral private key
First Claim
1. An invention comprising a method for facilitating communication using a digital signature, the method comprising the steps of:
- (a) first,(i) receiving into a first computer system input data from a first user,(ii) generating within the first computer system a first key as a deterministic function of said received data of said step (a)(i),(iii) following said step (a)(ii) of generating the first key, clearing said received data of said step (a)(i) so that said received data is no longer available within the first computer system for generating the first key within the first computer system,(iv) generating within the first computer system a second key as a deterministic function of said generated first key of said step (a)(ii), said generated first key comprising a private key of an asymmetric public-private key pair and said generated second key comprising a public key of the asymmetric public-private key pair,(v) following said step (a)(iv) of generating said second key, clearing said generated first key from the first computer system so that said generated first key is no longer available within the first computer system, and(vi) exporting said generated second key from the first computer system; and
(b) thereafter, generating a digital signature by,(i) receiving into a second computer system input data from a second user,(ii) regenerating within the second computer system the first key using the deterministic function of said step (a)(ii) and said received data of said step (b)(i),(iii) following said step (b)(ii) of regenerating said first key, clearing from the second computer system said received data of said step (b)(i) so that said received data is no longer available within the second computer system for regenerating the first key within the second computer system,(iv) generating within the second computer system a digital signature as a function of said regenerated first key of said step (b)(ii),(v) following said step (b)(iv) of generating the digital signature, clearing said regenerated first key from the second computer system so that said regenerated first key is no longer available within the second computer system, and(vi) exporting said generated digital signature of said step (b)(iv) from the second computer.
8 Assignments
0 Petitions
Accused Products
Abstract
Facilitating communication using a digital signature includes: receiving user input data (UID); generating a first key as a deterministic function of the UID; clearing the UID; generating a second key as a deterministic function of the first key; clearing the first key following generation of the second key; and exporting the second key. Neither the UID nor the first key is exported. Thereafter, a digital signature is generated by again receiving the UID; regenerating the first key using the deterministic function and the UID; clearing the UID; generating a digital signature as a function of the regenerated first key; clearing the regenerated first key following generation of the digital signature; and exporting the generated digital signature.
-
Citations
46 Claims
-
1. An invention comprising a method for facilitating communication using a digital signature, the method comprising the steps of:
-
(a) first, (i) receiving into a first computer system input data from a first user, (ii) generating within the first computer system a first key as a deterministic function of said received data of said step (a)(i), (iii) following said step (a)(ii) of generating the first key, clearing said received data of said step (a)(i) so that said received data is no longer available within the first computer system for generating the first key within the first computer system, (iv) generating within the first computer system a second key as a deterministic function of said generated first key of said step (a)(ii), said generated first key comprising a private key of an asymmetric public-private key pair and said generated second key comprising a public key of the asymmetric public-private key pair, (v) following said step (a)(iv) of generating said second key, clearing said generated first key from the first computer system so that said generated first key is no longer available within the first computer system, and (vi) exporting said generated second key from the first computer system; and (b) thereafter, generating a digital signature by, (i) receiving into a second computer system input data from a second user, (ii) regenerating within the second computer system the first key using the deterministic function of said step (a)(ii) and said received data of said step (b)(i), (iii) following said step (b)(ii) of regenerating said first key, clearing from the second computer system said received data of said step (b)(i) so that said received data is no longer available within the second computer system for regenerating the first key within the second computer system, (iv) generating within the second computer system a digital signature as a function of said regenerated first key of said step (b)(ii), (v) following said step (b)(iv) of generating the digital signature, clearing said regenerated first key from the second computer system so that said regenerated first key is no longer available within the second computer system, and (vi) exporting said generated digital signature of said step (b)(iv) from the second computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46)
-
Specification