Public key certification providing apparatus

US 7,529,926 B2
Filed: 04/16/2003
Issued: 05/05/2009
Est. Priority Date: 04/17/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A server system including a processor connected to a network, comprising:

acquisition means for acquiring a temporary IP address of a client;

generation means for generating a first public key in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network, for generating a digital signature based on a second secret key where the second secret key is generated by the server system, and for generating a certificate of the first public key where the certificate of the first public key includes the temporary IP address of the client, a certificate of a second public key, and the digital signature of which legitimacy can be confirmed with the second public key where the second public key is generated by the server system; and

sending means for sending the certificate of the first public key generated by said generation means to the temporary IP address of the client,wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A host communicates with a gateway, a DHCP server or a PPP peer of ISP to determine an IPv6 address, also receives a public key certificate from the gateway, the DHCP server or the PPP peer of ISP, and sends a public key certificate including an IPv6 address to a communication counterpart. The host receives a new public key certificate from the gateway, the DHCP server or the PPP peer of ISP when necessary.

Citations

25 Claims

1. A server system including a processor connected to a network, comprising:
- acquisition means for acquiring a temporary IP address of a client;
  
  generation means for generating a first public key in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network, for generating a digital signature based on a second secret key where the second secret key is generated by the server system, and for generating a certificate of the first public key where the certificate of the first public key includes the temporary IP address of the client, a certificate of a second public key, and the digital signature of which legitimacy can be confirmed with the second public key where the second public key is generated by the server system; and
  
  sending means for sending the certificate of the first public key generated by said generation means to the temporary IP address of the client,wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
- View Dependent Claims (2, 3, 4, 11, 12, 13)
- - 2. The server system according to claim 1, wherein said sending means sends the certificate of the first public key to the temporary IP address of the client in a subnet.
  - 3. The server system according to claim 1, wherein said providing means provides the client with the first public key certificate and information for determining an address of the client.
  - 4. The server system according to claim 1, further comprising connection means which connects the client, to which the first public key certificate is sent by said sending means, to the Internet.
  - 11. The server system according to claim 1, wherein said generation means generates the first public key based on a third public key of a user who uses the certificate of the first public key.
  - 12. The server system according to claim 1, wherein said generation means generates the first public key based on a public parameter.
  - 13. The server system according to claim 1, wherein said generation means generates the digital signature based on the first public key and the second secret key corresponding to the second public key.

5. A method for providing a public key certificate generated by a server system including a processor connected to a network, comprising:
- acquiring a temporary IP address of a client;
  
  generating a first public key in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network;
  
  generating a digital signature based on a second secret key where the second secret key is generated by the server system;
  
  generating a certificate of the first public key where the certificate of the first public key includes the temporary IP address of the client, a certificate of a second public key, and the digital signature of which legitimacy can be confirmed with the second public key where the second public key is generated by the server system; and
  
  providing the client connected to the network with the generated certificate of the first public key;
  
  wherein the certificate of the first public key is sent by the client to a destination, and the temporary IP address of the client is confirmed by the destination based on the temporary IP address included in the certificate of the first public key, andthe certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
- View Dependent Claims (6, 7, 8, 14, 15, 16, 23)
- - 6. A method according to claim 5, wherein said providing step provides the client in a subnet with the first public key certificate.
  - 7. A method according to claim 5, wherein said providing step provides the client with the first public key certificate and information for determining an address of the host.
  - 8. A method according to claim 5, further comprising a connection step of connecting the client, to which the first public key certificate is provided in said providing step, to the internet.
  - 14. A method according to claim 5, wherein said generation step generates the first public key based on a third public key of a user who uses the certificate of the first public key.
  - 15. A method according to claim 5, wherein said generation step generates the first public key based on a public parameter.
  - 16. A method according to claim 5, wherein said generation step generates the digital signature based on the first public key and the second secret key corresponding to the second public key.
  - 23. A method according to claim 5, wherein the generated certificate of the first public key is sent to the temporary IP address of the client.

9. A server system including a processor comprising, in a subnet, providing means which provides a client in the subnet with a prefix for an IP address of the client and with a certificate of a first public key, further comprising:
- acquisition means for acquiring a temporary IP address of a client;
  
  generation means for generating the first public key in accordance with a public parameter such that the first public is usable corresponding to a first secret key of the client connected to the network, for generating a digital signature based on a second secret key where the second secret key is generated by the server system, and for generating the certificate of the first public key where the certificate of the first public key includes the temporary IP address of the client, a certificate of a second public key, and the digital signature of which legitimacy can be confirmed with the second public key where the second public key is generated by the server system; and
  
  sending means for sending the certificate of the first public key generated by said generation means to the temporary IP address of the client,wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
- View Dependent Claims (17, 18)
- - 17. The server system according to claim 9, wherein said generation means generates the first public key based on a third public key of a user who uses the certificate of the first public key or based on a public parameter.
  - 18. The server system according to claim 9, wherein said generation means generates the digital signature based on the first public key and the second secret key corresponding to the second public key.

10. A server system including a processor comprising:
- first connection means for executing connection with the Internet;
  
  second connection means for executing connection with a client via a local network;
  
  acquisition means for acquiring a temporary IP address of a client;
  
  generation means for generating a first public key in accordance with a public parameter such that the first public is usable corresponding to a first secret key of the client connected to the network, for generating a digital signature based on a second secret key where the second secret key is generated by the server system, and for generating a certificate of the first public key where the certificate of the first public key includes the temporary IP address of the client, a certificate of a second public key, and the digital signature of which legitimacy can be confirmed with the second public key where the second public key is generated by the server system; and
  
  sending means for sending the certificate of the first public key to the temporary IP address of the client,wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
- View Dependent Claims (19, 20)
- - 19. The server system according to claim 10, wherein said generation means generates the first public key based on a third public key of a user who uses the certificate of the first public key or based on a public parameter.
  - 20. The server system according to claim 10, wherein said generation means generates the digital signature based on the first public key and the second secret key corresponding to the second public key.

21. A communication apparatus connected to a network, comprising:
- reception means for receiving a certificate of a first public key from a server system including a processor connected to the network, the certificate of the first public key includes a temporary IP address of the communication apparatus, a certificate of a second public keys and a digital signature of which legitimacy can be confirmed with the second public key, wherein the first public key is generated by the server system in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network, and the digital signature is generated by the server system based on a second secret key where the second secret key is generated by the server system;
  
  confirming means for confirming the legitimacy of the digital signature with the second public key; and
  
  informing means for informing the certificate of the first public key to a communication partner in order to identify the temporary IP address of the communication apparatus based on the temporary IP address of the communication apparatus included in the certificate of the first public key,wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
- View Dependent Claims (24)
- - 24. The communication apparatus according to claim 21, wherein said reception means receives the certificate of the first public key sent from the server system to the temporary address of the communication apparatus.

22. A communication method for a communication apparatus connected to a network, comprising steps of:
- receiving a certificate of a first public key from a server system including a processor connected to the network, the certificate of the first public key includes a temporary IP address of the communication apparatus, a certificate of a second public key, and a digital signature of which legitimacy can be confirmed with the second public key, wherein the first public key is generated by the server system in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network, and the digital signature is generated by the server system based on a second secret key where the second secret key is generated by the server system;
  
  confirming the legitimacy of the digital signature with the second public key; and
  
  informing the certificate of the first public key to a communication partner in order to identify the temporary IP address of the communication apparatus based on the temporary IP address of the communication apparatus included in the certificate of the first public key,wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
- View Dependent Claims (25)
- - 25. A method according to claim 22, wherein the certificate of the first public key sent to the temporary address of the communication apparatus is received in said receiving step.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Original Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Inventors
Oishi, Kazuomi
Primary Examiner(s)
Zia; Syed A.
Assistant Examiner(s)
DOAN, TRANG T

Application Number

US10/414,910
Publication Number

US 20030200437A1
Time in Patent Office

2,211 Days
Field of Search

380/279, 380/282, 380/285, 380/30, 726/5, 726/18, 726/19, 713155-158, 713173-175, 713/162
US Class Current

713/156
CPC Class Codes

H04L 2209/42   Anonymization, e.g. involvi...

H04L 9/3013   involving the discrete loga...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

Public key certification providing apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Public key certification providing apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links