Signature-generation method, signature-verification method, public-key distribution method, and information-processing apparatus

US 7,685,429 B2
Filed: 09/29/2005
Issued: 03/23/2010
Est. Priority Date: 10/05/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A signature-generation method comprising:

an input step of inputting a message to be signed;

a hash process step, performed by a processor, of performing a hash process on the message to obtain fixed-length data;

an addition step of adding nth padding data to the fixed-length data obtained by performing the hash process on the message, wherein n is an integer from 1 to N, and N is equal to or greater than 2;

a generation step of generating nth signature data from data obtained by performing the hash process on the message by using nth private key, wherein key length of the nth private key is longer than key length of (n+1)th private key and;

an output step of outputting first padding data through nth padding data, nth signature data, and the message,wherein the hash process step, the addition step, and the generation step are repeated a predetermined N number of times, and (n−

1)th signature data generated in the generation step is the nth padding data added to the fixed-length data in the addition step, andwherein the message, the padding data, and the signature data are coupled to one another so that at least one public-key certificate is generated, and where the addition step and the generation step are performed the predetermined N number of times, algorithms used for the hash function vary every time the addition step and the generation step are performed, algorithms used for a public-key cryptosystem vary every time the addition step and the generation step are performed, and key length used for the public-key cryptosystem decreases every time the addition step and the generation step are performed.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

To generate and verify signature data using a known signature algorithm whose safety is ensured from the viewpoint of calculation quantity and ensuring the authenticity thereof over a long time period. A message to be signed is transmitted, a padding-data item is added to the message, and a signature-data item of the message with the padding-data item added thereto is generated by using a hash function and a public-key cryptosystem. The addition step and the generation step are performed a predetermined number of times by using the signature-data item, as the padding-data item, and the signature-data items generated the predetermined number of times and the padding-data items added the predetermined number of times are externally transmitted with the message.

Citations

4 Claims

1. A signature-generation method comprising:
- an input step of inputting a message to be signed;
  
  a hash process step, performed by a processor, of performing a hash process on the message to obtain fixed-length data;
  
  an addition step of adding nth padding data to the fixed-length data obtained by performing the hash process on the message, wherein n is an integer from 1 to N, and N is equal to or greater than 2;
  
  a generation step of generating nth signature data from data obtained by performing the hash process on the message by using nth private key, wherein key length of the nth private key is longer than key length of (n+1)th private key and;
  
  an output step of outputting first padding data through nth padding data, nth signature data, and the message,wherein the hash process step, the addition step, and the generation step are repeated a predetermined N number of times, and (n−
  
  1)th signature data generated in the generation step is the nth padding data added to the fixed-length data in the addition step, andwherein the message, the padding data, and the signature data are coupled to one another so that at least one public-key certificate is generated, and where the addition step and the generation step are performed the predetermined N number of times, algorithms used for the hash function vary every time the addition step and the generation step are performed, algorithms used for a public-key cryptosystem vary every time the addition step and the generation step are performed, and key length used for the public-key cryptosystem decreases every time the addition step and the generation step are performed.
- View Dependent Claims (2)
- - 2. A signature-generation method according to claim 1, wherein the public-key certificate includes at least one extension part in a format that is set based on ITU-U recommendation X.509 v.3 and wherein the padding data is stored in the extension part.

3. A computer-readable recording medium configured to store a signature generation method comprising:
- an input step of inputting a message to be signed;
  
  a hash process step of performing a hash process on the message to which the nth padding data has been added obtain fixed-length data;
  
  an addition step of adding nth padding data to the fixed-length data obtained by the hash process on the message, wherein n is an integer from 1 to N, and N is equal to or greater than 2;
  
  a generation step, performed by a processor, of generating nth signature data from data obtained by performing the hash process on the message by using nth private key, wherein key length of the nth private key is longer than key length of (n+1)th private key; and
  
  ;
  
  an output step of outputting first padding data through nth padding data, nth signature data, and the message,wherein the hash process step, the addition step, and the generation step are repeated a predetermined N number of times, and (n−
  
  1)th signature data generated in the generation step is the nth padding data added to the fixed-length data in the addition step, andwherein the message, the padding data, and the signature data are coupled to one another so that at least one public-key certificate is generated, and where the addition step and the generation step are performed the predetermined N number of times, algorithms used for the hash function vary every time the addition step and the generation step are performed, algorithms used for a public-key cryptosystem vary every time the addition step and the generation step are performed, and key length used for the public-key cryptosystem decreases every time the addition step and the generation step are performed.

4. An information-processing apparatus comprising:
- an input unit configured to input a message to be signed;
  
  a hash process unit configured to perform a hash process on the message to obtain fixed-length data;
  
  an addition unit configured to add nth padding data to the fixed-length data obtained by the hash process, wherein n is an integer from 1 to N, and N is equal to or greater than 2;
  
  a generation unit configured to generate nth signature data from data obtained by performing the hash process on the message using nth private key, wherein key length of the nth private key is longer than key length of (n+1)th private key; and
  
  an output unit configured to output the first padding data through the nth padding data, the nth signature data, and the message,wherein processing performed by the hash process unit, the addition unit, and the generation unit are repeated a predetermined N number of times, and (n−
  
  1)th signature data generated by the generation unit is the nth padding data added to the input message by the addition unit, andwherein the message, the padding data, and the signature data are coupled to one another so that at least one public-key certificate is generated, and where processing in the addition unit and the generation unit are performed the predetermined N number of times, algorithms used for the hash process vary every time processing in the addition unit and the generation unit are performed, algorithms used for a public-key cryptosystem vary every time processing in the addition unit and the generation unit are performed, and key length used for the public-key cryptosystem decreases every time processing in the addition unit and the generation unit are performed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Original Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Inventors
Suga, Yuji
Primary Examiner(s)
Arani; Taghi T
Assistant Examiner(s)
Rahman; Mohammad L

Application Number

US11/239,623
Publication Number

US 20060075246A1
Time in Patent Office

1,636 Days
Field of Search

380/37, 380/217, 380/3, 380/4, 380/47, 380/30, 380/285, 380/282, 380/278, 380/279, 380/268, 380/259, 380/29, 380/45, 713/170, 713/180, 713/181, 726/30
US Class Current

713/180
CPC Class Codes

H04L 2209/20 Manipulating the length of ...

H04L 9/3247 involving digital signatures

Signature-generation method, signature-verification method, public-key distribution method, and information-processing apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

4 Claims

Specification

Solutions

Use Cases

Quick Links

Signature-generation method, signature-verification method, public-key distribution method, and information-processing apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

4 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links