Method for the application of implicit signature schemes
First Claim
1. A method for recertifying a correspondent in a computer implemented data communication system through the use of a certifying authority, said certifying authority including a cryptographic unit, said method comprising the steps of:
a) said certifying authority generating a first random number having a value using said cryptographic unit;
b) said certifying authority generating implicit certificate components using said cryptographic unit, said implicit certificate components including a first component generated using said first random number, and a second component generated using said first component and a private key of said certifying authority;
c) said certifying authority publishing a public key of said certifying authority; and
d) said certifying authority making available said implicit certificate components to enable said correspondent to generate a new private key using said second component and to enable the construction of a new public key using said first component and said public key of said certifying authority;
wherein said certifying authority recertifies said correspondent's certificate by changing said value of said first random number using said cryptographic unit.
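Steps a) to d) and the recertification step, worked through as an added example that is not taken from the patent or its specification. The toy group, the hash, the formula s = c·H(γ, ID) + k, and the correspondent's own secret `u` (sent to the authority as `request`) are assumptions chosen for illustration; the claim text does not fix any of them.

```python
import hashlib
import secrets

# Toy parameters (constructed for this example, not secure): the
# multiplicative group modulo the Mersenne prime 2^127 - 1.
P = 2**127 - 1
N = P - 1          # exponents are reduced modulo P - 1
G = 3

def h(gamma, identity):
    """Hash the first component and the identity to an exponent."""
    data = gamma.to_bytes(16, "big") + identity.encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def ca_keygen():
    c = secrets.randbelow(N - 1) + 1
    return c, pow(G, c, P)                   # (CA private key, CA public key)

def ca_issue(c, identity, request, k=None):
    """Steps a) and b). Assumed construction: gamma = request * G^k,
    s = c * H(gamma, identity) + k. A fresh k gives a new certificate."""
    if k is None:
        k = secrets.randbelow(N - 1) + 1     # first random number
    gamma = request * pow(G, k, P) % P       # first component
    s = (c * h(gamma, identity) + k) % N     # second component
    return gamma, s

def derive_private(s, u):
    """Correspondent: private key from the second component and own secret u."""
    return (s + u) % N

def reconstruct_public(gamma, identity, ca_pub):
    """Anyone: public key from the first component and the CA public key."""
    return pow(ca_pub, h(gamma, identity), P) * gamma % P

def demo():
    c, ca_pub = ca_keygen()
    u = secrets.randbelow(N - 1) + 1         # correspondent's secret (assumption)
    request = pow(G, u, P)
    old = ca_issue(c, "alice", request)
    new = ca_issue(c, "alice", request)      # recertify: fresh random number
    keys = []
    for gamma, s in (old, new):
        a = derive_private(s, u)
        pub = reconstruct_public(gamma, "alice", ca_pub)
        keys.append((a, pub, pow(G, a, P) == pub))
    return keys
```

Each tuple returned by `demo()` holds a private key, the public key reconstructed from the certificate, and whether the two match; the second issuance yields a different key pair from the first.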
Abstract
A method of verifying a transaction over a data communication system between a first and second correspondent through the use of a certifying authority. The certifying authority has control of a certificate's validity, which is used by at least the first correspondent. The method comprises the following steps. One of the first and second correspondents advises the certifying authority that the certificate is to be validated. The certifying authority verifies the validity of the certificate attributed to the first correspondent. The certifying authority generates implicit signature components including specific authorization information. At least one of the implicit signature components is forwarded to the first correspondent for permitting the first correspondent to generate an ephemeral private key. At least one of the implicit signature components is forwarded to the second correspondent for permitting recovery of an ephemeral public key corresponding to the ephemeral private key. The first correspondent signs a message with the ephemeral private key and forwards the message to the second correspondent. The second correspondent attempts to verify the signature using the ephemeral public key and proceeds with the transaction upon verification.
33 Claims
1. A method for recertifying a correspondent in a computer implemented data communication system through the use of a certifying authority, said certifying authority including a cryptographic unit, said method comprising the steps of:
a) said certifying authority generating a first random number having a value using said cryptographic unit;
b) said certifying authority generating implicit certificate components using said cryptographic unit, said implicit certificate components including a first component generated using said first random number, and a second component generated using said first component and a private key of said certifying authority;
c) said certifying authority publishing a public key of said certifying authority; and
d) said certifying authority making available said implicit certificate components to enable said correspondent to generate a new private key using said second component and to enable the construction of a new public key using said first component and said public key of said certifying authority;
wherein said certifying authority recertifies said correspondent's certificate by changing said value of said first random number using said cryptographic unit.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A certifying authority for recertifying a correspondent in a computer implemented data communication system, said certifying authority including a cryptographic unit for:
a) generating a first random number having a value;
b) generating implicit certificate components including a first component generated using said first random number, and a second component generated using said first component and a private key of said certifying authority;
c) publishing a public key of said certifying authority;
d) making available said implicit certificate components to enable said correspondent to generate a new private key using said second component and to enable the construction of a new public key using said first component and said public key of said certifying authority; and
e) recertifying said correspondent's certificate by changing said value of said first random number.
Dependent claims: 10, 11, 12, 13, 14, 15, 16

17. A non-transitory computer-readable medium having stored thereon computer-executable instructions for performing a method for recertifying a correspondent in a computer implemented data communication system through the use of a certifying authority, said certifying authority including a cryptographic unit, said computer-executable instructions comprising instructions to perform the steps of:
a) said certifying authority generating a first random number having a value using said cryptographic unit;
b) said certifying authority generating implicit certificate components using said cryptographic unit, said implicit certificate components including a first component generated using said first random number, and a second component generated using said first component and a private key of said certifying authority;
c) said certifying authority publishing a public key of said certifying authority; and
d) said certifying authority making available said implicit certificate components to enable said correspondent to generate a new private key using said second component and to enable the construction of a new public key using said first component and said public key of said certifying authority;
wherein said computer-executable instructions further comprise instructions for recertifying said correspondent's certificate by changing said value of said first random number using said cryptographic unit.
Dependent claims: 18, 19, 20, 21, 22, 23, 24

25. A method for recertifying a correspondent in a computer implemented data communication system through the use of a certifying authority, said certifying authority including a cryptographic unit, said method comprising the steps of:
a) said certifying authority generating a first random number using said cryptographic unit;
b) said certifying authority generating implicit certificate components using said cryptographic unit, said implicit certificate components including a first component generated using said first random number, and a second component generated using said first component, a private key of said certifying authority, and a second random number;
c) said certifying authority publishing a public key of said certifying authority; and
d) said certifying authority making available said implicit certificate components to enable said correspondent to generate a new private key using said second component and to enable the construction of a new public key using said first component and said public key of said certifying authority;
wherein said certifying authority recertifies said correspondent's certificate by changing said second random number using said cryptographic unit.
Dependent claims: 26, 27

28. A certifying authority for recertifying a correspondent in a computer implemented data communication system, said certifying authority including a cryptographic unit for:
a) generating a first random number;
b) generating implicit certificate components including a first component generated using said first random number, and a second component generated using said first component, a private key of said certifying authority, and a second random number;
c) publishing a public key of said certifying authority;
d) making available said implicit certificate components to enable said correspondent to generate a new private key using said second component and to enable the construction of a new public key using said first component and said public key of said certifying authority; and
e) recertifying said correspondent's certificate by changing said second random number.
Dependent claims: 29, 30

31. A non-transitory computer-readable medium having stored thereon computer-executable instructions for recertifying a correspondent in a computer implemented data communication system through the use of a certifying authority, said certifying authority including a cryptographic unit, said computer-executable instructions comprising instructions for performing the steps of:
a) said certifying authority generating a first random number using said cryptographic unit;
b) said certifying authority generating implicit certificate components using said cryptographic unit, said implicit certificate components including a first component generated using said first random number, and a second component generated using said first component, a private key of said certifying authority, and a second random number;
c) said certifying authority publishing a public key of said certifying authority; and
d) said certifying authority making available said implicit certificate components to enable said correspondent to generate a new private key using said second component and to enable the construction of a new public key using said first component and said public key of said certifying authority;
wherein said computer-executable instructions further comprise instructions for recertifying said correspondent's certificate by changing said second random number using said cryptographic unit.
Dependent claims: 32, 33

Specification