Data card verification system
First Claim
1. A non-transitory computer readable medium comprising computer executable instructions for verifying authenticity of messages exchanged between a pair of correspondents in an electronic transaction conducted over a data transmission system, said correspondents each including respective signing and verifying portions of a first signature scheme and a second signature scheme different to said first scheme and utilizing an elliptic curve cryptosystem, said computer executable instructions comprising instructions for a first of said correspondents:
- obtaining a first signed message from a second of said correspondents, said first signed message having been generated by one of said first and second correspondents signing a message according to a signing portion of one of said signature schemes associated with said one of said first and second correspondents;
utilizing said verifying portion of said one signature scheme to verify said first signed message;
signing a message by utilizing said signing portion of the other of said signature schemes to provide a second signed message;
sending said second signed message to said second of said correspondents to enable said second of said correspondents to verify said second signed message by utilizing said verifying portion of said other of said signature schemes; and
rejecting said transaction if either verification fails;
wherein signing one of said signed messages and verification of one of said signed messages are performed according to said second signature scheme utilizing the elliptic curve cryptosystem.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of verifying a pair of correspondents in electronic transaction, the correspondents each including first and second signature schemes and wherein the first signature scheme is computationally more difficult in signing than verifying and the second signature scheme is computationally more difficult in verifying than signing. The method comprises the step of the first correspondent signing information according to the first signature scheme and transmitting the first signature to the second correspondent, the second correspondent verifying the first signature received from the first correspondent, wherein the verification is performed according to the first signature scheme. The second correspondent then signs information according to the second signature scheme and transmits the second signature to the first correspondent, the first correspondent verifies the second signature received from the second correspondent, wherein the verification is performed according to the second signature algorithm; the transaction is rejected if either verification fails. The method thereby allows one of the correspondents to participate with relatively little computing power while maintaining security of the transaction.
-
Citations
7 Claims
-
1. A non-transitory computer readable medium comprising computer executable instructions for verifying authenticity of messages exchanged between a pair of correspondents in an electronic transaction conducted over a data transmission system, said correspondents each including respective signing and verifying portions of a first signature scheme and a second signature scheme different to said first scheme and utilizing an elliptic curve cryptosystem, said computer executable instructions comprising instructions for a first of said correspondents:
-
obtaining a first signed message from a second of said correspondents, said first signed message having been generated by one of said first and second correspondents signing a message according to a signing portion of one of said signature schemes associated with said one of said first and second correspondents; utilizing said verifying portion of said one signature scheme to verify said first signed message; signing a message by utilizing said signing portion of the other of said signature schemes to provide a second signed message; sending said second signed message to said second of said correspondents to enable said second of said correspondents to verify said second signed message by utilizing said verifying portion of said other of said signature schemes; and rejecting said transaction if either verification fails; wherein signing one of said signed messages and verification of one of said signed messages are performed according to said second signature scheme utilizing the elliptic curve cryptosystem. - View Dependent Claims (2, 3, 4)
-
-
5. A non-transitory computer readable medium comprising computer executable instructions for verifying authenticity of messages exchanged between a pair of correspondents in an electronic transaction conducted over a data transmission system, said correspondents each including respective signing and verifying portions of a first signature scheme and a second signature scheme, different from said first scheme and utilizing an elliptic curve cryptosystem, said computer executable instructions comprising instructions for a first of said correspondents:
-
obtaining a first certificate C1 including a public key and identification information of a second correspondent from one of said first and second correspondents; verifying said first certificate C1 and extracting said public key and said identification information therefrom; generating a first challenge R1 and transmitting said first challenge R1 to said second correspondent; receiving from said second correspondent, a second challenge R2 generated by said second correspondent and a second certificate C2, said second certificate C2 having been generated by signing said first challenge R1 in accordance with said signing portion of one of said signature schemes; verifying said second certificate C2 in accordance with said verifying portion of said one of said signature schemes; signing said second challenge R2 in accordance with said signing portion of the other of said signature schemes to provide a third certificate; sending said third certificate to said second correspondent to enable said second correspondent to verify said third certificate in accordance with said verifying portion of said other of said signature schemes; and rejecting said transaction if verification of either signature fails. - View Dependent Claims (6, 7)
-
Specification