Method for securely using digital signatures in a commercial cryptographic system
Abstract
A system for securely using digital signatures in a commercial cryptographic system that allows industry-wide security policy and authorization information to be encoded into the signatures and certificates by employing attribute certificates to enforce policy and authorization requirements. Verification of policy and authorization requirements is enforced in the system by restricting access to public keys to users who have digitally signed and agreed to follow rules of the system. These rules can also ensure that payment is made for public and private key usage. Additionally, users can impose their own rules and policy requirements on transactions in the system.
28 Claims
1. In a cryptographic system wherein a certifying authority issues digital certificates identifying users of said system, said digital certificates being digitally signed with a private key of said certifying authority to form a digital signature and requiring a public key of said certifying authority in order to verify said digital signature, and wherein a user transaction in said cryptographic system requires verification by a recipient of said user transaction, said verification based on information in said digital certificates and requiring said public key, a method of controlling use of said public key comprising:
- by said recipient, digitally signing at least one message containing rules of said system, by which said recipient agrees to said rules, said rules including a rule regarding maintaining secrecy of said public key; and
- in response to said digital signing, permitting said recipient to utilize said public key and prior to said digital signing, denying utilization of said public key.

Dependent claims: 2, 3, 4, 5, 6, 13, 14, 15, 16, 17, 18
7. A method of enforcing a security policy in a cryptographic system, said policy including controlling use of a public key utilizable by a plurality of users of the cryptographic system, said method comprising:
- in response to a recipient digitally signing a message containing rules of said cryptographic system, by which said recipient agrees to said rules, permitting said recipient to utilize said public key, said rules including a rule regarding maintaining secrecy of said public key; and
- prior to said recipient digitally signing said message, denying use of said public key.

Dependent claims: 8, 9, 10, 11, 12, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28