Signature verification using unidirectional function
First Claim
1. A signature verification system comprising:
- a communication device; and
- a verification device which provides verification of a signature generated by the communication device,
wherein the communication device and the verification device are connected to each other through a network,
wherein the communication device includes;
a first processor, and
a first memory including instructions that, when executed by the first processor, cause the first processor to perform first operations, including;
generating a first random number or acquiring a first random number from random number generation hardware,
deriving a first hash value from the first random number using a unidirectional function,
generating a secret key and a public key of the communication device,
deriving a second hash value from a first combined data including first electronic data and a first certificate of the communication device, the first certificate of the communication device includes the first hash value, the public key of the communication device and an access information for having access to the communication device, using a unidirectional function,
generating a first signature using the secret key of the communication device with respect to the second hash value, and
transmitting the first electronic data, the first certificate and the first signature to the verification device occurs via a non-secure communication path, and
wherein the verification device includes;
a second processor; and
a second memory, including instructions that, when executed by the second processor, cause the second processor to perform second operations, including;
receiving a second electronic data, a second certificate and a second signature,
receiving the first certificate based on the access information,
comparing the second certificate with the first certificate, and
when the second certificate does not match the first certificate, the second operations, further including;
discontinuing the verification of the signature generated by the communication device, and
when the second certificate matches the first certificate, the second operations, further including;
continuing the verification of the signature generated by the communication device.
Abstract
Provided is a signature verification system including a communication device and a verification device. The communication device and the verification device are connected to each other through a network. The communication device derives a first hash value from a first random number, derives a second hash value from data including electronic data and a certificate of the communication device which includes the first hash value and a public key of the communication device, using a unidirectional function, generates a signature using a secret key of the communication device with respect to the second hash value, and transmits the electronic data, the certificate, and the signature to the verification device. The verification device receives the electronic data, the certificate, and the signature, authenticates the communication device using the first hash value included in the certificate, derives the second hash value from the data including the electronic data and the certificate using a unidirectional function, and verifies the signature using the public key of the communication device and the derived second hash value which are included in the certificate.
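The exchange described in the abstract and claim 1, as an added example that is not code from the patent. Assumptions: SHA-256 stands in for the unidirectional function, a Lamport one-time signature stands in for the unnamed signature scheme, the certificate is encoded as JSON, and `fetch` models retrieving the first certificate through the access information; all function and field names are hypothetical.

```python
import hashlib, hmac, json, secrets

def H(b):                      # the "unidirectional function" (SHA-256 assumed)
    return hashlib.sha256(b).digest()

def bits(d):                   # 256 message bits of a digest, MSB first
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# Lamport one-time signature: stand-in scheme, one message per key pair.
def keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def sign(sk, digest):
    return [sk[i][b] for i, b in enumerate(bits(digest))]

def verify_sig(pk, digest, sig):
    return len(sig) == 256 and all(
        hmac.compare_digest(H(s), pk[i][b])
        for (i, b), s in zip(enumerate(bits(digest)), sig))

def make_certificate(pk, access_info):
    r1 = secrets.token_bytes(32)                       # first random number
    cert = {"h1": H(r1).hex(),                         # first hash value
            "public_key": [[a.hex(), b.hex()] for a, b in pk],
            "access_info": access_info}
    return json.dumps(cert, sort_keys=True).encode()

def device_send(sk, cert, data):
    return data, cert, sign(sk, H(data + cert))        # signature over second hash

def verifier_check(data2, cert2, sig2, fetch):
    fields = json.loads(cert2)
    cert1 = fetch(fields["access_info"])               # receive first certificate
    if cert1 is None or not hmac.compare_digest(cert1, cert2):
        return "discontinued"                          # certificates differ: stop
    pk = [(bytes.fromhex(a), bytes.fromhex(b)) for a, b in fields["public_key"]]
    return "valid" if verify_sig(pk, H(data2 + cert2), sig2) else "invalid"

def run_demo():
    addr = "device-1.example"                          # constructed access information
    sk, pk = keygen()
    cert = make_certificate(pk, addr)
    fetch = {addr: cert}.get                           # models the fetch from the device
    data, c, sig = device_send(sk, cert, b"reading=42")
    esk, epk = keygen()                                # different key pair, same address
    swapped = device_send(esk, make_certificate(epk, addr), b"reading=99")
    return (verifier_check(data, c, sig, fetch),       # untouched message
            verifier_check(b"reading=43", c, sig, fetch),  # data altered in transit
            verifier_check(*swapped, fetch))           # certificate replaced in transit
```

The certificate comparison is only as trustworthy as the path used to fetch the first certificate through the access information; the claims shown here do not say how that path is protected.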
20 Citations
10 Claims
9. A signature generation method in a communication device which is connectable to a verification device through a network and the verification device provides through the network, verification of a signature generated by the communication device, the signature generation method comprising:
the communication device performing first operations, including; generating a first random number or acquiring a first random number from random number generation hardware, deriving a first hash value from the first random number using a unidirectional function, generating a secret key and a public key of the communication device, deriving a second hash value from a first combined data including first electronic data and a first certificate of the communication device, the first certificate of the communication device includes the first hash value, the public key of the communication device and an access information for having access to the communication device, using a unidirectional function, generating a first signature using the secret key of the communication device with respect to the second hash value, and transmitting the first electronic data, the first certificate and the first signature to the verification device occurs via a non-secure communication path, and the verification device performing second operations, including; receiving a second electronic data, a second certificate and a second signature, receiving the first certificate based on the access information, comparing the second certificate with the first certificate, and when the second certificate does not match the first certificate, the second operations, further including; discontinuing the verification of the signature generated by the communication device, and when the second certificate matches the first certificate, the second operations, further including; continuing the verification of the signature generated by the communication device.
10. A machine readable non-transitory storage media comprising;
at least one storage medium having stored thereon instructions that, when executed by a communication device which is connectable to a verification device through a network and the verification device provides through the network, verification of a signature generated by the communication device, cause the communication device to perform first operations, including; generating a first random number or acquiring a first random number from random number generation hardware, deriving a first hash value from the first random number using a unidirectional function, generating a secret key and a public key of the communication device, deriving a second hash value from a first combined data including first electronic data and a first certificate of the communication device, the first certificate of the communication device includes the first hash value, the public key of the communication device and an access information for having access to the communication device, using a unidirectional function, generating a first signature using the secret key of the communication device with respect to the second hash value, and transmitting the first electronic data, the first certificate and the first signature to the verification device occurs via a non-secure communication path; and another storage medium having stored thereon instructions that, when executed by the verification device, cause the verification device to perform second operations, including; receiving a second electronic data, a second certificate and a second signature, receiving the first certificate based on the access information, comparing the second certificate with the first certificate, and when the second certificate does not match the first certificate, the second operations, further including; discontinuing the verification of the signature generated by the communication device, and when the second certificate matches the first certificate, the second operations, further including; continuing the verification of the signature generated by the communication device.
Specification