System and method for digital signatures and authentication
First Claim
1. A cryptographic system for generating digital signatures, comprising:
- (a) a memory configured to store secret data, encrypted data, authentication data and a public key;
(b) a receiver configured to receive an input message;
(c) a secret data extracting unit configured to extract secret data blocks from the secret data;
(d) a data block extracting unit configured to extract encrypted data blocks from the encrypted data;
(e) an authentication data block extracting unit configured to extract authentication data blocks from the authentication data;
(f) a counter unit configured to update a counter; and
(g) a sending unit configured to send a digital signature of the input message,wherein the digital signature includes the extracted secret data blocks, the extracted encrypted data blocks and the extracted authentication data blocks,wherein the secret data extracting unit is further configured to effect operations to;
(c-1) scan one bit of the input message,(c-2) access a pair of secret data blocks in the secret data,(c-3) reveal one secret data block in the pair if the bit is zero, and reveal the other secret data block in the pair if the bit is one,(c-4) erase the pair from the secret data, and(c-5) iterate the above operations for all bits of the input message, whereby the digital signatures include the revealed secret data blocks.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for authentication and digital signatures on memory-only supports, comprising a read-once memory unit storing secret arrays, whose contents are destroyed upon reading, a standard memory unit storing encrypted arrays, tree data authenticating the encrypted arrays to one single public key, and a certificate of the public key issued by a certificate authority. The memory support sends its public key and certificate to a verifier, receives a challenge which is signed by elements from secret arrays in the read-once memory. The verifier system checks the authenticity of the data revealed from the read-once memory by encrypting it and comparing the result to one of the encrypted arrays, and verifies that the encrypted array authenticates to the public key using tree data. Finally, the verifier checks the authenticity of the public key using the certificate.
37 Citations
15 Claims
-
1. A cryptographic system for generating digital signatures, comprising:
-
(a) a memory configured to store secret data, encrypted data, authentication data and a public key; (b) a receiver configured to receive an input message; (c) a secret data extracting unit configured to extract secret data blocks from the secret data; (d) a data block extracting unit configured to extract encrypted data blocks from the encrypted data; (e) an authentication data block extracting unit configured to extract authentication data blocks from the authentication data; (f) a counter unit configured to update a counter; and (g) a sending unit configured to send a digital signature of the input message, wherein the digital signature includes the extracted secret data blocks, the extracted encrypted data blocks and the extracted authentication data blocks, wherein the secret data extracting unit is further configured to effect operations to; (c-1) scan one bit of the input message, (c-2) access a pair of secret data blocks in the secret data, (c-3) reveal one secret data block in the pair if the bit is zero, and reveal the other secret data block in the pair if the bit is one, (c-4) erase the pair from the secret data, and (c-5) iterate the above operations for all bits of the input message, whereby the digital signatures include the revealed secret data blocks. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method of generating digital signatures, comprising:
-
(a) providing a memory configured to store secret data, encrypted data, authentication data and a public key; (b) receiving an input message; (c) extracting secret data blocks from the secret data; (d) extracting encrypted data blocks from the encrypted data; (e) extracting authentication data blocks from the authentication data; (f) updating a counter; and (g) sending a digital signature of the input message, wherein the digital signature includes the extracted secret data blocks, the extracted encrypted data blocks and the extracted authentication data blocks, wherein the extracting secret data blocks further includes operations of; (c-1) scanning one bit of the input message, (c-2) accessing a pair of secret data blocks in the secret data, (c-3) revealing one secret data block in the pair if the bit is zero, and revealing the other secret data block in the pair if the bit is one, (c-4) erasing the pair from the secret data, and (c-5) iterating the above operations for all bits of the input message, whereby the digital signatures include the revealed secret data blocks. - View Dependent Claims (12, 13, 14, 15)
-
Specification