System and method for verifying digital signatures on certificates

US 7,716,139 B2
Filed: 10/29/2004
Issued: 05/11/2010
Est. Priority Date: 10/29/2004
Status: Active Grant

First Claim

Patent Images

1. A method of verifying a digital signature on a certificate on a computing device, the method comprising:

a processor of the computing device performing a first signature verification operation on the digital signature using a first public key associated with an issuer of the certificate;

said processor successfully verifying the digital signature in the first signature verification operation;

said processor storing the first public key in a memory store after successfully verifying the digital signature in the first signature verification operation;

said processor receiving a request to perform a second signature verification operation on the digital signature using a second public key associated with an issuer of the certificate;

said processor comparing the second public key with the first public key stored in the memory store;

said processor determining that the first and second public keys match based on said comparing; and

said processor indicating, as a response to the request to perform the second signature verification operation, successful verification of the digital signature in lieu of performing the second signature verification operation.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for verifying a digital signature on a certificate, which may be used in the processing of encoded messages. In one embodiment, when a digital signature is successfully verified in a signature verification operation, the public key used to verify that digital signature is cached. When a subsequent attempt to verify the digital signature is made, the public key to be used to verify the digital signature is compared to the cached key. If the keys match, the digital signature can be successfully verified without requiring that a signature verification operation in which some data is decoded using the public key be performed.

Citations

19 Claims

1. A method of verifying a digital signature on a certificate on a computing device, the method comprising:
- a processor of the computing device performing a first signature verification operation on the digital signature using a first public key associated with an issuer of the certificate;
  
  said processor successfully verifying the digital signature in the first signature verification operation;
  
  said processor storing the first public key in a memory store after successfully verifying the digital signature in the first signature verification operation;
  
  said processor receiving a request to perform a second signature verification operation on the digital signature using a second public key associated with an issuer of the certificate;
  
  said processor comparing the second public key with the first public key stored in the memory store;
  
  said processor determining that the first and second public keys match based on said comparing; and
  
  said processor indicating, as a response to the request to perform the second signature verification operation, successful verification of the digital signature in lieu of performing the second signature verification operation.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - said processor storing a result indicating that the digital signature is successfully verified in the first signature verification operation;
      
      wherein said indicating is performed after the result indicating that the digital signature is successfully verified in the first signature verification operation is stored.
  - 3. The method of claim 2, wherein said result is used by said processor to successfully verify the digital signature in the first signature verification operation within a limited duration.
  - 4. The method of claim 1, wherein the computing device comprises a mobile device.
  - 5. The method of claim 1, wherein the first public key stored in the memory store is used by said processor in subsequent comparisons with the second public key within a limited duration.
  - 6. The method of claim 1, further comprising said processor deleting the first public key from the memory store.
  - 7. The method of claim 1, further comprising said processor marking the first public key stored as stale.
  - 8. The method of claim 1, further comprising said processor performing validation operations comprising verifying that the first public key stored in the memory store is not stale.

9. A computer-readable medium comprising a plurality of instructions, executable on a computing device, for performing acts comprising:
- performing a first signature verification operation on a digital signature on a certificate on the computing device using a first public key associated with an issuer of the certificate;
  
  successfully verifying the digital signature in the first signature verification operation;
  
  storing the first public key in a memory store after successfully verifying the digital signature in the first signature verification operation;
  
  receiving a request to perform a second signature verification operation on the digital signature using a second public key associated with an issuer of the certificate;
  
  comparing the second public key with the first public key stored in the memory store;
  
  determining that the first and second public keys match based on said comparing; and
  
  indicating, as a response to the request to perform the second signature verification operation, successful verification of the digital signature in lieu of performing the second signature verification operation.
- View Dependent Claims (10, 11, 12)
- - 10. The computer-readable medium of claim 9, said acts further comprising:
    - storing a result indicating that the digital signature is successfully verified in the first signature verification operation;
      
      wherein said indicating is performed after the result indicating that the digital signature is successfully verified in the first signature verification operation is stored.
  - 11. The system of claim 10, wherein said result is used by said processor to successfully verify the digital signature in the first signature verification operation within a limited duration.
  - 12. The computer-readable medium of claim 9, wherein the computing device comprises a mobile device.

13. A system for verifying a digital signature on a certificate comprising at least one computing device, the at least one computing device comprising a processor and a memory, wherein the processor is configured to:
- perform a first signature verification operation on the digital signature using a first public key associated with an issuer of the certificate;
  
  successfully verify the digital signature in the first signature verification operation;
  
  store the first public key in a memory store after successfully verifying the digital signature in the first signature verification operation;
  
  receive a request to perform a second signature verification operation on the digital signature using a second public key associated with an issuer of the certificate;
  
  compare the second public key with the first public key stored in the memory store;
  
  determine that the first and second public keys match based on a comparison of the second public key with the first public key stored in the memory store; and
  
  indicate, as a response to the request to perform the second signature verification operation, successful verification of the digital signature in lieu of performing the second signature verification operation.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The system of claim 13, said processor further configured to:
    - store a result indicating that the digital signature is successfully verified in the first signature verification operation;
      
      wherein successful verification is indicated after the result indicating that the digital signature is successfully verified in the first signature verification operation is stored.
  - 15. The system of claim 13, wherein said at least one computing device comprises a mobile device.
  - 16. The system of claim 13, wherein the first public key stored in the memory store is used by said processor in subsequent comparisons with the second public key within a limited duration.
  - 17. The system of claim 13, said processor further configured to delete the first public key from the memory store.
  - 18. The system of claim 13, said processor further configured to mark the first public key stored as stale.
  - 19. The system of claim 13, said processor further configured to perform validation operations comprising verifying that the first public key stored in the memory store is not stale.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Research In Motion Limited (Blackberry Limited)
Inventors
Brown, Michael S., Brown, Michael K.
Primary Examiner(s)
Worjloh; Jalatee

Application Number

US10/975,988
Publication Number

US 20060095388A1
Time in Patent Office

2,020 Days
Field of Search

705 50- 79, 713/155, 713/156, 713/176
US Class Current

705/76
CPC Class Codes

G06Q 20/0855   involving a third party

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/3821   Electronic credentials

H04L 2209/80   Wireless

H04L 63/0823   using certificates cryptogr...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04L 9/50   using hash chains, e.g. blo...

System and method for verifying digital signatures on certificates

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for verifying digital signatures on certificates

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links