公开(公告)号：US08732467B2

公开(公告)日：2014-05-20

申请号：US13730440

申请日：2012-12-28

Applicant: Certicom Corp.

Inventor： Scott Alexander Vanstone ,  Donald B. Johnson ,  Minghua Qu

IPC: H04L9/00

CPC classification number: H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

Abstract: A method for creating and authenticating a digital signature is provided, including selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system, a recovered second signature component s′ is computed by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature.

Abstract translation: 提供了一种用于创建和认证数字签名的方法，包括选择第一会话参数k并生成从会话参数k导出的第一短期公钥，使用短期计算从第一数学函数导出的第一签名组件r 公开密钥，选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件，并且不使用反向操作，使用第一和第二会话参数来计算第三签名组件，并且发送 签名组件（s，r，c）作为屏蔽数字签名到接收机计算机系统。 在接收机计算机系统中，通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s'，以将签名组件（s'，r）导出为未屏蔽的数字签名。

公开(公告)号：US20130145168A1

公开(公告)日：2013-06-06

申请号：US13730440

申请日：2012-12-28

Applicant: CERTICOM CORP.

Inventor： Scott Alexander Vanstone ,  Donald B. Johnson ,  Minghua Qu

IPC: H04L9/32

CPC classification number: H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

Abstract: A method for creating and authenticating a digital signature is provided, including selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system, a recovered second signature component s′ is computed by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature.

Abstract translation: 提供了一种用于创建和认证数字签名的方法，包括选择第一会话参数k并生成从会话参数k导出的第一短期公钥，使用短期计算从第一数学函数导出的第一签名组件r 公开密钥，选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件，并且不使用反向操作，使用第一和第二会话参数来计算第三签名组件，并且发送 签名组件（s，r，c）作为屏蔽数字签名到接收机计算机系统。 在接收机计算机系统中，通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s'，以将签名组件（s'，r）导出为未屏蔽的数字签名。

公开(公告)号：US20140229730A1

公开(公告)日：2014-08-14

申请号：US14257781

申请日：2014-04-21

Applicant: Certicom Corp.

Inventor： Minghua Qu ,  Scott A. Vanstone

IPC: H04L9/32

CPC classification number: H04L9/3263 ,  H04L9/0844 ,  H04L9/3247

Abstract: A method of generating a public key in a secure digital communication system, having at least one trusted entity CA and subscriber entities A. For each entity A, the trusted entity selects a unique identity distinguishing the entity A. The trusted entity then generates a public key reconstruction public data of the entity A by mathematically combining public values obtained from respective private values of the trusted entity and the entity A. The unique identity and public key reconstruction public data of the entity A serve as A's implicit certificate. The trusted entity combines the implicit certificate information with a mathematical function to derive an entity information ƒ and generates a value kA by binding with ƒ with private values of the trusted entity. The trusted entity transmits the value kA to the entity to permit A to generate a private key from kA, A's private value and A's implicit certificate. The entity A's public key information may be reconstructed from public information, and A's implicit certificate.

Abstract translation: 一种在安全数字通信系统中生成公共密钥的方法，其具有至少一个可信实体CA和订户实体A.对于每个实体A，可信实体选择区分实体A的唯一标识。然后，可信实体生成公共 通过数字地组合从可信实体和实体A的各私有值获得的公共值，实体A的关键重建公共数据。实体A的唯一身份和公钥重建公共数据作为A的隐式证书。 可信实体将隐式证书信息与数学函数组合以导出实体信息ƒ并通过与ƒ与可信实体的私有值绑定来生成值kA。 可信实体将值kA发送给实体，以允许A从kA，A的私有值和A的隐式证书生成私钥。 实体A的公钥信息可以从公共信息和A的隐式证书重建。