Software for providing based on shared knowledge public keys having same private key

US 7,869,593 B2
Filed: 08/08/2005
Issued: 01/11/2011
Est. Priority Date: 01/07/2005
Status: Expired due to Fees

First Claim

Patent Images

1. An invention comprising a method for facilitating digital signature communications of a first party with multiple third parties, the method comprising executing computer program instructions by one or more processors for:

(a) communicating software to the first party, the software including computer-executable instructions for,(i) providing a first public key of the first party by performing the steps of,(A) with respect to domain parameters of an elliptic curve for use in elliptic curve cryptography and, in particular, a generating point of the elliptic curve, transforming within the computer system the generating point into a first new generating point as a deterministic function of first data specified by the first party, wherein the deterministic function comprises a deterministic function of shared knowledge,(B) generating within the computer system the first public key as a deterministic function of a private key and the domain parameters, in which the first new generating point of said step (i)(A) is substituted for the generating point of the domain parameters, and(C) exporting the first public key of said step (i)(B) from the computer system, and(ii) providing a second public key of the first party by performing the steps of,(A) transforming within the computer system the generating point of the domain parameters of said step (i)(A) into a second new generating point as a deterministic function of second data specified by the first party,(B) generating within the computer system the second public key as a deterministic function of the same private key and the same domain parameters, in which the second new generating point of said step (ii)(A) is substituted for the generating point of the domain parameters, and(C) exporting the second public key of said step (ii)(B) from the computer system,(iii) wherein,(A) said generated first public key comprises, in conjunction with the private key, a first public-private key pair of the first party for use in elliptic curve cryptography, and(B) said generated second public key comprises, in conjunction with the private key, a second different public-private key pair of the first party for use in elliptic curve cryptography;

(b) receiving from the first party both the first and second public keys generated using the software communicated to the first party in said step (a); and

(c) recording in a database said received public keys of the first party in association with information pertaining to said communicated software of said step (a).

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Facilitating communication using a digital signature includes: communicating software to a first party; receiving from the first party public keys of public-private key pairs generated using the software; and recording in a database the public keys in association with information pertaining to the software. The key pairs have the same private key. The software additionally provides digital signatures utilizing this private key. Each public key of these key pairs is generated, in part, based on data that is specified by the first party.

Citations

33 Claims

1. An invention comprising a method for facilitating digital signature communications of a first party with multiple third parties, the method comprising executing computer program instructions by one or more processors for:
- (a) communicating software to the first party, the software including computer-executable instructions for,(i) providing a first public key of the first party by performing the steps of,(A) with respect to domain parameters of an elliptic curve for use in elliptic curve cryptography and, in particular, a generating point of the elliptic curve, transforming within the computer system the generating point into a first new generating point as a deterministic function of first data specified by the first party, wherein the deterministic function comprises a deterministic function of shared knowledge,(B) generating within the computer system the first public key as a deterministic function of a private key and the domain parameters, in which the first new generating point of said step (i)(A) is substituted for the generating point of the domain parameters, and(C) exporting the first public key of said step (i)(B) from the computer system, and(ii) providing a second public key of the first party by performing the steps of,(A) transforming within the computer system the generating point of the domain parameters of said step (i)(A) into a second new generating point as a deterministic function of second data specified by the first party,(B) generating within the computer system the second public key as a deterministic function of the same private key and the same domain parameters, in which the second new generating point of said step (ii)(A) is substituted for the generating point of the domain parameters, and(C) exporting the second public key of said step (ii)(B) from the computer system,(iii) wherein,(A) said generated first public key comprises, in conjunction with the private key, a first public-private key pair of the first party for use in elliptic curve cryptography, and(B) said generated second public key comprises, in conjunction with the private key, a second different public-private key pair of the first party for use in elliptic curve cryptography;
  
  (b) receiving from the first party both the first and second public keys generated using the software communicated to the first party in said step (a); and
  
  (c) recording in a database said received public keys of the first party in association with information pertaining to said communicated software of said step (a).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 2. The invention of claim 1, wherein the shared knowledge is known to the first party and a third party.
  - 3. The invention of claim 2, wherein the shared knowledge comprises an account number for an account of the first party that is maintained with a third party.
  - 4. The invention of claim 1, wherein the shared knowledge is specified by the first party by being input by the first party into the computer system at prompting by the software.
  - 5. The invention of claim 1, wherein the shared knowledge comprises a deterministic function of one or more predefined arguments, wherein the deterministic function and predefined arguments are known both to the first party and a third party, whereby both the first party and the third party may independently calculate the shared knowledge.
  - 6. The invention of claim 1, wherein the deterministic function of the shared knowledge outputs a large integer value.
  - 7. The invention of claim 3, wherein the generating point is transformed into the first new generating point by multiplying the generating point by the large integer value to arrive at the first new generating point.
  - 8. The invention of claim 1, wherein the deterministic function recited in said step of transforming the generating point into the second new generating point comprises a deterministic function of shared knowledge.
  - 9. The invention of claim 1, wherein the information recorded in said step (c) comprises information regarding the deterministic function used to generate the first and second public keys.
  - 10. The invention of claim 1, wherein the information recorded in said step (c) comprises information regarding a function used to generate a first and second digital signatures.
  - 11. The invention of claim 1, wherein the software further includes computer-executable instructions for clearing the first and second new generating points from the computer system.
  - 12. The invention of claim 11, wherein the information recorded in said step (c) comprises information regarding when the clearing of the new generating points is performed.
  - 13. The invention of claim 1, wherein the software further includes computer-executable instructions for clearing the first and second data specified by the first party.
  - 14. The invention of claim 13, wherein the information recorded in said step (c) comprises information regarding when the clearing of the first and second data is performed.
  - 15. The invention of claim 1, wherein the information recorded in said step (c) comprises the version of the software.
  - 16. The invention of claim 1, wherein said step (a) of communicating the software comprises communicating the software to the first party over the Internet.
  - 17. The invention of claim 16, wherein the software is downloaded from a website.
  - 18. The invention of claim 1, wherein said step (a) is performed by a second party, and wherein said communicated software of said step (a) further includes computer-executable instructions for exporting information identifying said communicated software to the second party.
  - 19. The invention of claim 18, wherein the identifying information includes a hash value of the software.
  - 20. The invention of claim 18, wherein the identifying information is digitally signed using said communicated software.
  - 21. The invention of claim 18, wherein the information identifying said communicated software to the second party is exported for communicating to the second party with the first and second public keys.
  - 22. The invention of claim 21, wherein the second party performs said step (c) of recording the received public keys in association with the information, and wherein said recorded information pertains to the software identified to the second party by said identifying information.
  - 23. The invention of claim 1, further comprising computer-readable media containing computer-executable instructions for performing the method of said steps (a), (b), and (c).
  - 24. The invention of claim 1, further comprising receiving a request from a third party, the request including the first public key of the first party, and in response, communicating said recorded information pertaining to said communicated software to the third party.
  - 25. The invention of claim 1, further comprising receiving a request from a third party, the request including the second public key of the first party, and in response, communicating said recorded information pertaining to said communicated software to the third party.
  - 26. The invention of claim 1, further comprising receiving an identifier of the first party, and recording in the database the identifier of the first party in association with the first and second public keys and the information pertaining to said communicated software.
  - 27. The invention of claim 26, further comprising receiving a request from a third party, the request including the identifier of the first party, and in response, communicating said recorded information pertaining to said communicated software to the third party.
  - 28. The invention of claim 27, further comprising receiving additional information regarding the first party, recording in the database the additional information in association with the identifier of the first party, and communicating, in response to a request, said recorded additional information regarding the first party.
  - 29. The invention of claim 1, wherein the software further includes computer-executable instructions for,(iv) providing a first digital signature using an elliptic curve digital signature algorithm for verification using the first public key by performing the steps of,(A) transforming within the computer system the generating point of the domain parameters of said step (i)(A) into the first new generating point as a deterministic function of the first data that is again specified by the first party,(B) generating within the computer system the first digital signature as a function of the private key of said step (i)(B) and the domain parameters, in which the first new generating point of said step (iv)(A) is substituted for the generating point of the domain parameters, and(c) exporting the first digital signature from the computer system, and(v) providing a second digital signature using the elliptic curve digital signature algorithm for verification using the second public key by performing the steps of,(A) transforming within the computer system the generating point of the domain parameters of said step (i)(A) into the second new generating point as a deterministic function of the second data that is again specified by the first party,(B) generating within the computer system the digital signature as a function of the private key of said step (i)(B) and the domain parameters, in which the second new generating point of said step (v)(A) is substituted for the generating point of the domain parameters, and(C) exporting said generated digital signature from the computer system.
  - 30. The invention of claim 29, wherein each function recited in each of said steps of generating the first and second digital signatures comprises a function of an electronic message to which the respective digital signature applies.
  - 31. The invention of claim 29, wherein the software further includes computer-executable instructions for providing additional digital signatures as a function of the private key and the first new generating point, and for providing additional digital signatures as a function of the private key and the second new generating point.
  - 32. The invention of claim 31, wherein the function recited in said step of generating the first digital signature further comprises a function of whether a digital signature has yet been generated since the first data was specified by the first party.
  - 33. The invention of claim 31, wherein the function recited in said step of generating the second digital signature further comprises a function of whether a digital signature has yet been generated since the second data was specified by the first party.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
First Data Corporation (Fiserv Incorporated)
Original Assignee
First Data Corporation (Fiserv Incorporated)
Inventors
Beeson, Curtis Linn
Primary Examiner(s)
KIM, JUNG W

Application Number

US11/161,560
Publication Number

US 20060153368A1
Time in Patent Office

1,982 Days
Field of Search

None
US Class Current

380/30
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 9/3066   involving algebraic varieti...

H04L 9/321   involving a third party or ...

H04L 9/3252   using DSA or related signat...

Software for providing based on shared knowledge public keys having same private key

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Software for providing based on shared knowledge public keys having same private key

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links