System and method for encryption
First Claim
1. A computer implemented method of generating a digital signature on behalf of a user, the method comprising:
receiving, via an input-output system, a request from a first user device of said user to create a digital signature for a first message M to verify its authenticity;
generating, using a processor, a validation challenge using a second message M′ which is based on the first message M and a first secret shared with said user, wherein said validation challenge is generated by encrypting said second message M′ using said first shared secret;
sending, via the input-output system, said validation challenge to said user to enable a second user device of said user to regenerate said second message M′;
accessing a first shared secret from a database;
receiving, via the input-output system, a validation code from said second user device, said validation code confirming the request to create the digital signature and said validation code being generated following confirmation from the user that the second message M′ as displayed on the second user device corresponds to the first message M, wherein the second message M′ displayed on the second user device is generated by decrypting said validation challenge using said first shared secret; and
generating, using said processor, the digital signature for the user for the first message M based on a successful verification of the validation code.
Abstract
A method and system for generating a signature for a user are described. The system comprises a signature server, an initial transaction device for a user and a validation device for a user. The initial transaction device is configured to display a first message M and send a request to the signature server to create a signature for said first message M. The signature server is configured to generate a validation challenge using a second message M′ which is based on said first message M and a first secret shared between said user and said signature server and send said validation challenge to the validation device. The validation device is configured to regenerate said second message M′ using said first shared secret, display said second message M′, receive user confirmation that the displayed second message M′ corresponds to said first message M, generate a validation code confirming the request to create a signature; and send said validation code to said signature server. Thereafter, said signature server generates the signature for the user for the first message M.
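The exchange the abstract describes, as an added Python example that is not taken from the patent. Assumptions: M′ is M itself, an HMAC-SHA256 keystream with encrypt-then-MAC stands in for the unspecified cipher, the validation code is an HMAC over the challenge, and `finish` returns the message cleared for signing instead of producing the signature with the user's key.

```python
import hashlib, hmac, os

def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):  # HMAC counter-mode keystream, stand-in cipher
    blocks = range(len(data) // 32 + 1)
    ks = b"".join(_mac(key, nonce + i.to_bytes(4, "big")) for i in blocks)
    return bytes(a ^ b for a, b in zip(data, ks))

def make_challenge(secret, m_prime):  # signature server: encrypt M'
    nonce = os.urandom(16)
    ct = _xor_stream(_mac(secret, b"enc"), nonce, m_prime)
    return nonce + ct + _mac(_mac(secret, b"mac"), nonce + ct)

def open_challenge(secret, challenge):  # validation device: decrypt to M'
    nonce, ct, tag = challenge[:16], challenge[16:-32], challenge[-32:]
    if not hmac.compare_digest(tag, _mac(_mac(secret, b"mac"), nonce + ct)):
        raise ValueError("challenge failed authentication")
    return _xor_stream(_mac(secret, b"enc"), nonce, ct)

def validation_code(secret, challenge):  # assumed: MAC bound to this challenge
    return _mac(_mac(secret, b"code"), challenge).hex()

def device_validate(secret, challenge, user_confirms):
    m_prime = open_challenge(secret, challenge)
    return validation_code(secret, challenge) if user_confirms(m_prime) else None

class SignatureServer:
    def __init__(self, secret):
        self.secret, self.pending = secret, {}
    def request(self, m):
        challenge = make_challenge(self.secret, m)  # assumption: M' is M itself
        self.pending[challenge] = m
        return challenge
    def finish(self, challenge, code):
        m = self.pending.pop(challenge, None)  # one attempt per challenge
        good = hmac.compare_digest(validation_code(self.secret, challenge), code or "")
        return m if good else None  # M cleared for signing, or refusal

def demo():
    secret = os.urandom(32)  # constructed shared secret
    server, intended = SignatureServer(secret), b"Pay 10 EUR to Alice"
    user = lambda shown: shown == intended  # user compares display with intent
    c1 = server.request(intended)
    signed = server.finish(c1, device_validate(secret, c1, user))
    c2 = server.request(b"Pay 9000 EUR to Mallory")  # request altered on first device
    return signed, server.finish(c2, device_validate(secret, c2, user))
```

Because the code is bound to a fresh challenge and each challenge is consumed on first use, a captured validation code cannot release a second signature.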
18 Claims
8. A computer implemented method of generating a digital signature on behalf of a user, the method comprising:
displaying a first message M on a display of a first user device of said user;
sending a request from said first user device to a signature server to create a digital signature for said first message M to verify its authenticity;
creating a second message M′ which is based on the first message M;
accessing a first shared secret from a database;
generating a validation challenge, using a processor on said signature server, using said second message M′ and a first secret shared between said user and said signature server, wherein said validation challenge is generated by encrypting said second message M′ using said first shared secret;
sending said validation challenge via an input-output system on said signature server to a second user device of said user;
regenerating said second message M′ on said second user device using said first shared secret wherein said second message M′ is generated by decrypting said validation challenge using said first shared secret;
displaying said second message M′ on a display of said second user device;
receiving user confirmation via a user interface on said second user device that the displayed second message M′ corresponds to said first message M;
generating a validation code confirming the request to create the digital signature;
sending said validation code from said second user device to said signature server; and
generating, using said processor, the digital signature for the user for the first message M based on a successful verification of the validation code.
10. A signature server for creating a digital signature on behalf of a user, the server being configured to:
receive, via an input-output system, a request from a first user device of said user to create a digital signature for a first message M to verify its authenticity;
generate, using a processor, a validation challenge using a second message M′ which is based on the first message M and a first secret shared with said user, wherein said validation challenge is generated by encrypting said second message M′ using said first shared secret;
send, via the input-output system, said validation challenge to said user to enable a second user device of said user to regenerate said second message M′;
access a first shared secret from a database;
receive, via the input-output system, a validation code from said second user device, said validation code confirming the request to create the digital signature and said validation code being generated following confirmation from the user that the second message M′ as displayed on the second user device corresponds to the first message M, wherein the second message M′ displayed on the second user device is generated by decrypting said validation challenge using said first shared secret; and
generate, using said processor, the digital signature for the user for the first message M based on a successful verification of the validation code.
18. A system comprising a signature server, an initial transaction device and a validation device, the initial transaction device being configured to:
display a first message M on a display on said initial transaction device of a user; and
send, via an input-output system, a request to the signature server to create a digital signature for said first message M to verify its authenticity;
the signature server being configured to;
generate, using a processor on said signature server, a validation challenge using a second message M′ which is based on said first message M and a first secret shared between said user and said signature server, wherein said validation challenge is generated by encrypting said second message M′ using said first shared secret; and
send, via said input-output system, said validation challenge to the validation device of the user;
the validation device being configured to;
regenerate, using a processor on said validation device, said second message M′ using said first shared secret wherein said second message M′ is generated by decrypting said validation challenge using said first shared secret;
display said second message M′ on a display on said validation device;
receive, via said input-output system, user confirmation that the displayed second message M′ corresponds to said first message M;
generate, via said processor on said validation device, a validation code confirming the request to create the digital signature; and
send, via said input-output system, said validation code to said signature server;
whereby said signature server generates, via said processor on said signature server, the digital signature for the user for the first message M based on a successful verification of the validation code.
Specification