Prevention of unauthorized forwarding and authentication of signatures
Abstract
A forwarding signature comprises a modified digital signature, modified using a predetermined parameter between a sender and an intended recipient. An intended recipient of the forwarding signature can verify that the forwarding signature corresponds to the message but can neither derive the original digital signature nor generate a new forwarding signature for a different parameter. Generation and verification of the forwarding signature are accomplished with access to the public key of a public/private cryptographic key pair, the original signed message, and the predetermined parameter. Access to the private key is not needed.
20 Claims
1. An authentication method comprising:
receiving in a processor of a receiving node, a message and a forwarding signature (T), wherein:
the forwarding signature has been generated in a transmitting node by applying a predetermined tweak parameter (p) to a confidential signature (S), the predetermined tweak parameter having a value that is selected in the transmitting node; and
wherein the confidential signature has been generated by signing the message with a private key of a public/private key pair;
operating on the forwarding signature to generate a first value, wherein the forwarding signature is operated on utilizing a public key of the public/private key pair;
operating on the message to generate a second value, wherein the message is operated on utilizing the predetermined tweak parameter;
comparing the first value and the second value; and
authenticating the message in accordance with a result of comparing the first value and the second value.
7. An authentication system comprising:
an input device of a receiving processor node configured to receive a message and a forwarding signature, wherein:
the forwarding signature has been generated in a transmitting processor node by applying a predetermined tweak parameter (p) to a confidential signature (s), the predetermined tweak parameter having a value that is determined and generated in the transmitting processor node; and
wherein the confidential signature has been generated by signing the message with a private key of a public/private key pair;
a processing unit coupled to the input device, the processing unit configured to:
operate on the forwarding signature to generate a first value, wherein the forwarding signature is operated on utilizing a public key of the public/private key pair;
operate on the message to generate a second value, wherein the message is operated on utilizing the predetermined tweak parameter;
compare the first value and the second value; and
authenticate the message in accordance with a result of comparing the first value and the second value.
12. A computer-readable storage medium that is not a transient signal, the computer-readable storage medium having stored thereon computer-executable instructions for performing authentication by performing the steps of:
receiving in a first node, a message and a forwarding signature (T), wherein:
the forwarding signature has been generated in a second node by applying a predetermined tweak parameter (p) to a confidential signature (S), the predetermined tweak parameter having a value that is determined and generated in the second node; and
wherein the confidential signature has been generated by signing the message with a private key of a public/private key pair;
operating on the forwarding signature to generate a first value, wherein the forwarding signature is operated on utilizing a public key of the public/private key pair;
operating on the message to generate a second value, wherein the message is operated on utilizing the predetermined tweak parameter;
comparing the first value and the second value; and
authenticating the message in accordance with a result of comparing the first value and the second value.
Specification