Providing digital signature and public key based on shared knowledge
Abstract
A public key and digital signature are provided using a private key of a public-private key pair in an elliptic curve digital signature algorithm (ECDSA) by: identifying domain parameters of an elliptic curve for use in elliptic curve cryptography, the domain parameters including an initial generating point; transforming the generating point into a new generating point as a deterministic function; generating the public key as a deterministic function of the private key and the domain parameters, in which the new generating point is substituted for the initial generating point; and generating the digital signature as a function of the private key and the domain parameters, in which the new generating point is substituted for the initial generating point.
28 Claims
1. A method of providing a digital signature of a first party using a private key of a public-private key pair in the elliptic curve digital signature algorithm (ECDSA), the method comprising:
(a) identifying domain parameters of an elliptic curve for use in elliptic curve cryptography, the domain parameters including an initial generating point;
(b) transforming within a computer system the initial generating point into a new generating point as a deterministic function of shared knowledge, wherein the shared knowledge is known to the first party and a second party different from the first party; and
(c) generating within the computer system a digital signature as a function of a private key and the domain parameters, in which the new generating point is substituted for the initial generating point.
Dependent claims: 2-20.

21. A computer-readable medium having computer-executable instructions for performing the steps comprising:
(a) identifying domain parameters of an elliptic curve for use in elliptic curve cryptography, the domain parameters including an initial generating point;
(b) transforming within a computer system the initial generating point into a new generating point as a deterministic function of shared knowledge, wherein the shared knowledge is known to a first party and a second party different from the first party; and
(c) generating within the computer system a digital signature as a function of a private key and the domain parameters, in which the new generating point is substituted for the initial generating point.

22. In a method of providing a digital signature with a private key of a public-private key pair of a first party using the elliptic curve digital signature algorithm (ECDSA), the method including generating a digital signature as a function of the private key and domain parameters of an elliptic curve, the domain parameters including a generating point, an improvement to the method comprising,
(a) calculating a larger integer value as a deterministic function of shared knowledge that is known to the first party and a second party different from the first party,
(b) multiplying the generating point of the domain parameters by said calculated integer value to obtain a new generating point, and
(c) replacing the generating point of the domain parameters with the new generating point during generating the digital signature as a function of the private key and the domain parameters.

23. A method of providing two digital signatures in accordance with the elliptic curve digital signature algorithm (ECDSA), and using the same private key of a first party, which digital signatures can be verified with different respective public keys, the method comprising,
(a) with respect to the first digital signature, (i) identifying domain parameters of an elliptic curve for use in elliptic curve cryptography, the domain parameters including an initial generating point, (ii) transforming in a deterministic function of shared knowledge within a computer system the initial generating point into a first new generating point, wherein the shared knowledge is known to the first party and a second party different from the first party, and (iii) generating within the computer system the first digital signature as a function of the private key and the domain parameters, in which the first new generating point is substituted for the initial generating point; and
(b) with respect to the second digital signature, (i) transforming in a deterministic function of shared knowledge within the computer system the initial generating point of the domain parameters into a second new generating point, wherein the shared knowledge is known to the first party and a third party different from the first party and (ii) generating within the computer system the second digital signature as a function of the same private key and the domain parameters, in which the second new generating point is substituted for the initial generating point.
Dependent claims: 24.

25. A method of providing by a first party a public key of a public-private key pair for use in elliptic curve cryptography, the method comprising:
(a) identifying domain parameters of an elliptic curve for use in elliptic curve cryptography, the domain parameters including an initial generating point;
(b) transforming within a computer system the initial generating point into a new generating point as a deterministic function; and
(c) generating within computer system a public key as a deterministic function of a private key and the domain parameters, in which the new generating point is substituted for the initial generating point;
(d) wherein said generated public key comprises, in conjunction with the private key, a public-private key pair for use in elliptic curve cryptography.
Dependent claims: 26.

27. A computer-readable medium having computer-executable instructions for performing the steps comprising:
(a) identifying domain parameters of an elliptic curve for use in elliptic curve cryptography, the domain parameters including an initial generating point;
(b) transforming within a computer system the initial generating point into a new generating point as a deterministic function; and
(c) generating within the computer system a public key as a deterministic function of a private key and the domain parameters, in which the new generating point is substituted for the initial generating point;
(d) wherein said generated public key comprises, in conjunction with the private key, a public-private key pair for use in elliptic curve cryptography.

28. In a method of providing a public key of a public-private key pair of a first party for use in elliptic curve cryptography, the method including generating a public key as a deterministic function of a private key and domain parameters of an elliptic curve for use in elliptic curve cryptography, the domain parameters including a generating point, wherein said generated public key comprises, in conjunction with the private key, a public-private key pair for use in elliptic curve cryptography, an improvement to the method comprising,
(a) calculating within a computer system a large integer value as a deterministic function of shared knowledge that is known to the first party and a second party different from the first party,
(b) multiplying the generating point of the domain parameters by said calculated integer value to obtain a new generating point, and
(c) replacing the generating point of the domain parameters with the new generating point during generating the public key as a deterministic function of the private key and the domain parameters.
Specification