Trusted authentication digital signature (tads) system
First Claim
1. A method of establishing trusted entity authentication associated with an electronic communication (EC), comprising:
- (a) manufacturing a device within a secure environment, wherein manufacturing the device comprises;
(i) creating a public-private key pair before release of the device from the secure manufacturing environment,(ii) storing the private key securely within the device before release of the device from the secure manufacturing environment, and(iii) linking within the secure manufacturing environment in a secure manner the public key with other information associated with the device;
(b) after its manufacture, using the device to generate a digital signature as part of the EC, wherein generating the digital signature comprises;
(i) receiving into the device input comprising verification data of an entity,(ii) identifying within the device a current verification status out of a plurality of predefined verification statuses as a function of the input verification data and data prestored within the device, each verification status regarding an entity authentication performed by the device,(iii) independent of the verification status identified, generating the digital signature for a message as a function of said identified verification status, including modifying within the device the message as a function of said identified verification status, said generated digital signature comprising an indication of the identified verification status, and(iv) outputting from the device the digital signature for transmission as part of the EC to a recipient; and
(c) upon receipt of the EC by the recipient,(i) extracting the indication of the identified verification status from the EC and identifying the other information linked with the public key of the device by successfully authenticating the message using the public key of the device, and(ii) acting on the message in the EC based on the indication of the identified verification status included in the EC, based on the contents of the message itself, and based on said identified information linked with the public key.
8 Assignments
0 Petitions
Accused Products
Abstract
Trusted entity authentication includes creating a public-private pair in a secure environment; storing the private key within a device during its manufacture in the secure environment; linking the public key with other information in the secure environment, receiving input within the device comprising verification data of an entity, identifying within the device a verification status based on the verification data and data prestored within the device; independent of the verification status identified, generating a digital signature for a message including an indication of the identified verification status using the private key; outputting the digital signature for transmission with an EC; identifying upon receipt of the EC the information linked with the public key by authenticating the message with the public key, and considering the identified information and the indicated verification status. The linked information includes device security aspects and the verification status regards entity authentication performed by the device.
265 Citations
13 Claims
-
1. A method of establishing trusted entity authentication associated with an electronic communication (EC), comprising:
-
(a) manufacturing a device within a secure environment, wherein manufacturing the device comprises; (i) creating a public-private key pair before release of the device from the secure manufacturing environment, (ii) storing the private key securely within the device before release of the device from the secure manufacturing environment, and (iii) linking within the secure manufacturing environment in a secure manner the public key with other information associated with the device; (b) after its manufacture, using the device to generate a digital signature as part of the EC, wherein generating the digital signature comprises; (i) receiving into the device input comprising verification data of an entity, (ii) identifying within the device a current verification status out of a plurality of predefined verification statuses as a function of the input verification data and data prestored within the device, each verification status regarding an entity authentication performed by the device, (iii) independent of the verification status identified, generating the digital signature for a message as a function of said identified verification status, including modifying within the device the message as a function of said identified verification status, said generated digital signature comprising an indication of the identified verification status, and (iv) outputting from the device the digital signature for transmission as part of the EC to a recipient; and (c) upon receipt of the EC by the recipient, (i) extracting the indication of the identified verification status from the EC and identifying the other information linked with the public key of the device by successfully authenticating the message using the public key of the device, and (ii) acting on the message in the EC based on the indication of the identified verification status included in the EC, based on the contents of the message itself, and based on said identified information linked with the public key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method in which a recipient of an electronic communication (EC) authenticates an entity solely by conducting message authentication with respect to the received EC, which includes unique identifier associated with an account maintained by the recipient, a message regarding the account, and a digital signature of the message, the method comprising:
-
(a) before receipt of the EC; (i) associating a public key of a public-private key pair with the unique identifier in a database maintained by the recipient, and (ii) retrieving information linked with the public key, the information identifying security aspects of a device used to generate digital signatures using the private key stored securely therein, the public-private key pair having been created within an environment of manufacture of the device and the private key having been stored within the device prior to release of the device from the environment following its manufacture; and (b) thereafter, (i) using only the digital signature from the EC and the public key associated with the account identifier to authenticate the message, and (ii) upon successful authentication of the message, acting upon the message based on; (A) said information linked with the public key, and (B) an indication included in the EC of a verification status of the device out of a plurality of predefined verification statuses, the verification status regarding an entity authentication performed by the device as a function of verification data of the entity input into the device and data prestored within the device.
-
-
11. A method in which a recipient of an electronic communication (EC) authenticates an entity solely by conducting message authentication with respect to the received EC, which includes a unique identifier associated with an account maintained by the recipient, a message regarding the account, and a digital signature of the message, the method comprising:
-
(a) before receipt of the EC; (i) associating a public key of a public-private key pair with the unique identifier in a database maintained by the recipient, and (ii) retrieving information linked with the public key, the information identifying security aspects of a device used to generate digital signatures using the private key stored securely therein; and (b) thereafter, (i) using only the digital signature from the EC and the public key associated with the account identifier to authenticate the message, and (ii) upon successful authentication of the message, acting upon the message based on; (A) said information linked with the public key, and (B) an indication included in the EC of a verification status of the device out of a plurality of predefined verification statuses, the verification status regarding an entity authentication performed by the device as a function of verification data of the entity input into the device and data prestored within the device.
-
-
12. A method in which a recipient of an electronic communication (EC) authenticates an entity solely by conducting message authentication with respect to the received EC, which includes a unique identifier associated with an account maintained by the recipient, a message regarding the account, and a digital signature of the message, the method comprising:
-
(a) before receipt of the EC, associating a public key of a public-private key pair with the unique identifier in a database maintained by the recipient; and
thereafter(b) using only the digital signature from the EC and the public key associated with the account identifier to authenticate the message, and upon successful authentication of the message, acting upon the message based on an indication included in the EC of a verification status of the device out of a plurality of predefined verification statuses, the verification status regarding an entity authentication performed by the device as a function of verification data of the entity input into the device and data prestored within the device.
-
-
13. A method in which a recipient of an electronic communication (EC) authenticates an entity solely by conducting message authentication with respect to the received EC, which includes a unique identifier associated with an account maintained by the recipient, a message regarding the account, and a digital signature of the message, the method comprising:
-
(a) before receipt of the EC; (i) associating a public key of a public-private key pair with the unique identifier in a database maintained by the recipient, and (ii) retrieving information linked with the public key, the information identifying security aspects of a device used to generate digital signatures using the private key stored securely therein, the public-private key pair having been created within an environment of manufacture of the device and the private key having been stored within the device prior to release of the device from the environment following its manufacture; and (b) thereafter, (i) using only the digital signature from the EC and the public key associated with the account identifier to authenticate the message, and (ii) upon successful authentication of the message, acting upon the message based on said information linked with the public key.
-
Specification