Method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system
First Claim
1. In a method for mutual identification of subscribers in a data exchange system working with processor chip cards and using identification data coded into the cards by a card-issuing center including subscriber-related public keys and stored in the respective chip cards along with private keys which have a logical relationship to the public keys, whereby random number-dependent check data are exchanged between the subscribers, comprising the steps of:
- transmitting from a chip card the coded identification data together with a signature of the center to a subscriber entering into an information exchange with the chip card;
at the subscriber checking the correctness of the coded identification data with reference to known information including a public list or reference to the signature of the center;
forming in the chip card a x value proceeding from a random, discrete logarithm $r \in (1, \ldots, p-1)$, where p is a declared prime number modulus, and according to the rule
$x = 2^r \pmod p$;
transmitting the x value to the subscriber;
transmitting from the subscriber a random bit sequence
$e = (e_{1,1}, \ldots, e_{t,k}) \in \{0,1\}^{kt}$ to the chip card;
multiplying the stored, private key $s_j$ representing a discrete logarithm with a binary number formed from the bits of the random bit sequence e transmitted from the subscriber to the chip card and adding the random number r allocated to the previously-transmitted x value to calculate, at the chip card, a number y according to the rule ##EQU15##
transmitting the number y to the subscriber;
at the subscriber, calculating a number x with reference to the number y according to the rule ##EQU16##
checking the identity of the chip card user by comparing the calculated number x and the x value previously communicated to the subscriber.
Abstract
In a data exchange system working with processor chip cards, a chip card transmits coded identification data I, v and, proceeding from a random, discrete logarithm r, an exponential value $x = 2^r \pmod p$ to the subscriber who, in turn, generates and transmits a random bit sequence e to the chip card. By multiplication of a stored, private key s with the bit sequence e and by addition of the random number r, the chip card calculates a y value and transmits the y value to the subscriber who, in turn, calculates an x value from the information y, $v_j$ and e and checks whether the calculated x value coincides with the transmitted x value. For an electronic signature, a hash value e is first calculated from an x value and from the message m to be signed and a y value is subsequently calculated from the information r, $s_j$ and e. The numbers x and y then yield the electronic signature of the message m.
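The exchange and the signature described in the abstract, as an added Python example that is not taken from the patent. Because the claim's rules for y and for the recomputed x are not reproduced on this page, the code assumes the single-key Schnorr form (v = 2^(-s) mod p, y = r + s*e mod (p-1), check 2^y * v^e mod p against x), a toy 255-bit prime, a 72-bit challenge and SHA-256 as the hash; all function names are hypothetical.

```python
import hashlib
import secrets

# Assumed demonstration parameters, not from the patent: a 255-bit prime is far
# too small for real use. The base 2 is the one named in the claim.
P = 2**255 - 19
G = 2
T = 72  # challenge length in bits (assumed)

def keygen():
    s = secrets.randbelow(P - 2) + 1           # private key s in 1..p-2
    v = pow(G, (P - 1) - s, P)                 # assumed public key v = 2^(-s) mod p
    return s, v

def commit():
    r = secrets.randbelow(P - 2) + 1           # fresh random r for every run
    return r, pow(G, r, P)                     # x = 2^r mod p

def respond(r, s, e):
    return (r + s * e) % (P - 1)               # assumed rule: y = r + s*e mod (p-1)

def recompute_x(y, v, e):
    return (pow(G, y, P) * pow(v, e, P)) % P   # 2^y * v^e = 2^(r + s*e - s*e) = 2^r

def identify(s, v):
    """One protocol run: the card holds s, the subscriber holds the certified v."""
    r, x = commit()                            # card -> subscriber: x
    e = secrets.randbits(T)                    # subscriber -> card: random bits e
    y = respond(r, s, e)                       # card -> subscriber: y
    return recompute_x(y, v, e) == x           # subscriber compares with received x

def challenge_hash(x, m):
    digest = hashlib.sha256(x.to_bytes(32, "big") + m).digest()
    return int.from_bytes(digest, "big") >> (256 - T)   # e = hash(x, m), T bits

def sign(s, m):
    r, x = commit()
    return x, respond(r, s, challenge_hash(x, m))       # signature is (x, y)

def verify(v, m, sig):
    x, y = sig
    if not (0 < x < P and 0 <= y < P - 1):     # reject out-of-range values first
        return False
    return recompute_x(y, v, challenge_hash(x, m)) == x
```

In the signature the hash of (x, m) takes the place of the subscriber's random bit sequence, so no interaction is needed.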
301 Citations
11 Claims
Specification