Data card verification system

US 8,307,211 B2
Filed: 09/28/2010
Issued: 11/06/2012
Est. Priority Date: 02/03/1997
Status: Expired due to Fees

First Claim

Patent Images

1. A method of generating signature for a certificate of a correspondent, said certificate for use in electronic communicates, said method comprising:

obtaining a first set of data including identification data and public information, the public information related to a private key by cryptographic operations of an elliptic curve cryptosystem; and

signing a second set of data related to said first set of data by utilizing a cryptographic processor implementing a second cryptosystem that is different to said elliptic curve cryptosystem to obtain said signature.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of verifying a pair of correspondents in electronic transaction, the correspondents each including first and second signature schemes and wherein the first signature scheme is computationally more difficult in signing than verifying and the second signature scheme is computationally more difficult in verifying than signing. The method comprises the step of the first correspondent signing information according to the first signature scheme and transmitting the first signature to the second correspondent, the second correspondent verifying the first signature received from the first correspondent, wherein the verification is performed according to the first signature scheme. The second correspondent then signs information according to the second signature scheme and transmits the second signature to the first correspondent, the first correspondent verifies the second signature received from the second correspondent, wherein the verification is performed according to the second signature algorithm; the transaction is rejected if either verification fails. The method thereby allows one of the correspondents to participate with relatively little computing power while maintaining security of the transaction.

Citations

25 Claims

1. A method of generating signature for a certificate of a correspondent, said certificate for use in electronic communicates, said method comprising:
- obtaining a first set of data including identification data and public information, the public information related to a private key by cryptographic operations of an elliptic curve cryptosystem; and
  
  signing a second set of data related to said first set of data by utilizing a cryptographic processor implementing a second cryptosystem that is different to said elliptic curve cryptosystem to obtain said signature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1 wherein said signing utilizes an RSA signature algorithm.
  - 3. The method according to claim 1 wherein said second set of data comprises said identification data and said public information.
  - 4. The method according to claim 1, wherein said certificate comprises said identification data, a public key corresponding to said private key and said signature.
  - 5. The method according to claim 1, wherein said public information comprises a public key related to said private key.
  - 6. The method according to claim 1, wherein said second cryptosystem is computationally more difficult for signing than verifying, while said elliptic curve cryptosystem is computationally more difficult for verifying than signing.
  - 7. The method according to claim 1, wherein said second set of data is signed by a certificate authority.
  - 8. The method according to claim 1, wherein said correspondent is a device.

9. A computer readable medium comprising computer executable instructions for generating a signature for a certificate of a correspondent, said certificate for use in electronic communications, the computer executable instructions comprising instructions for:
- obtaining a first set of data including identification data and public information, the public information related to a private key by cryptographic operations of an elliptic curve cryptosystem; and
  
  signing a second set of data related to said first set of data by utilizing a cryptographic processor implementing a second cryptosystem that is different to said elliptic curve cryptosystem to obtain said signature.
- View Dependent Claims (13, 14, 15, 16, 18, 19)
- - 13. The computer readable medium according to claim 9 wherein said signing utilizes an RSA signature algorithm.
  - 14. The computer readable medium according to claim 9 wherein said second set of data comprises said identification data and said public information.
  - 15. The computer readable medium according to claim 9 wherein said certificate comprises said identification data, a public key corresponding to said private key and said signature.
  - 16. The computer readable medium according to claim 9 wherein, said public information comprises a public key related to said private key.
  - 18. The computer readable medium according to claim 9 wherein said second set of data is signed by a certificate authority.
  - 19. The computer readable medium according to claim 9 wherein said correspondent is a device.

10. An apparatus including a cryptographic processor to perform cryptographic operations and configured to:
- obtain a first set of data including identification data and public information, the public information related to a private key by cryptographic operations of an elliptic curve cryptosystem; and
  
  sign a second set of data related to said first set of data by utilizing a cryptographic processor implementing a second cryptosystem that is different to said elliptic curve cryptosystem to obtain a signature for inclusion in a certificate.
- View Dependent Claims (17, 20, 21, 22, 23, 24, 25)
- - 17. The computer readable medium according to claim 10 wherein said second cryptosystem is computationally more difficult for signing than verifying, while said elliptic curve cryptosystem is computationally more difficult for verifying than signing.
  - 20. The apparatus of claim 10 wherein said cryptographic processor is configured to utilize an RSA signature algorithm for said signing.
  - 21. The apparatus of claim 10 wherein said second set of data comprises said identification data and said public information.
  - 22. The apparatus of claim 10 wherein said certificate comprises said identification data, a public key corresponding to said private key and said signature.
  - 23. The apparatus of claim 10, wherein said public information comprises a public key related to said private key.
  - 24. The apparatus of claim 10, wherein said second cryptosystem is computationally more difficult for signing than verifying, while said elliptic curve cryptosystem is computationally more difficult for verifying than signing.
  - 25. The apparatus of claim 10, wherein said second set of data is signed by a certificate authority.

11. A certificate embodied as a data structure in a non-transitory computer readble medium comprising:
- a signature obtained by signing a second set of computer readable data utilizing a signature scheme implemented in a second cryptosystem, wherein said second set of data is related to identification data and public information associated with a correspondent, said public information related to a private key by cryptographic operations of an elliptic curve cryptosystem that is different than said second cryptosystem.
- View Dependent Claims (12)
- - 12. The certificate according to claim 11 wherein said signature scheme utilizes an RSA signature algorithm.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Certicom Corporation (Blackberry Limited)
Inventors
Vanstone, Scott Alexander
Primary Examiner(s)
Shiferaw, Eleni
Assistant Examiner(s)
CALLAHAN, PAUL E

Application Number

US12/892,719
Publication Number

US 20110016324A1
Time in Patent Office

770 Days
Field of Search

380/283, 380/285, 713/171, 713/175, 713/176
US Class Current

713/175
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3674   involving authentication

G06Q 20/3825   Use of electronic signatures

G06Q 20/401   Transaction verification

G06Q 20/40975   using encryption therefor

G06Q 2220/00   Business processing using c...

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3066   involving algebraic varieti...

H04L 9/3249   using RSA or related signat...

H04L 9/3252   using DSA or related signat...

Data card verification system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Data card verification system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links