Method and system for generating a list signature
    11.
    Granted invention patent
    Method and system for generating a list signature (lapsed)

    Publication number: US08352380B2

    Publication date: 2013-01-08

    Application number: US11596548

    Filing date: 2005-05-18

    CPC classification number: H04L9/3255 H04L2209/42 H04L2209/463 H04L2209/56

    Abstract: The invention relates to a method for generating a list signature for a message to be signed, said method comprising steps which are carried out by an electronic material support of a member of a list. During said step, the electronic material support only generates an electronic signature according to a sequence number supplied to the electronic material support by a certifying authority, according to evidence of belonging to the list of members, to data relating to the electronic material support, and optionally to a key of an authority qualified to lift the anonymity of the generated signature.


    Method and system for electronic voting over a high-security network
    12.
    Granted invention patent
    Method and system for electronic voting over a high-security network (in force)

    Publication number: US07819319B2

    Publication date: 2010-10-26

    Application number: US11168367

    Filing date: 2005-06-29

    CPC classification number: H04L9/3263 H04L9/3257 H04L2209/42 H04L2209/466

    Abstract: A method and system for electronic voting over a network, from a terminal (Te) connected to an administrative server (SA) and to a vote-counting server (SCV). An authentication certificate (CA) and a single-use password (UPWe) are calculated and transmitted (A) from the server (SA) to the voter (Eu), an electronic ballot paper (EB) and an anonymous reference (AREu) are transmitted (B) from the terminal (Te) to the server (SCV) and, upon verification (B1) of the anonymous reference, the vote and the paper are validated (B3), the paper is counted, a confirmation of receipt (ACW) and an electoral register document (DVR) are transmitted from the server (SCV) to the terminal (Te). The terminal (Te) signs the register and transmits (C) the signed register (SDVR) to the server (SA) which closes (D1) the vote of the voter (Eu).


    Cryptographic system for group signature
    13.
    Granted invention patent
    Cryptographic system for group signature (lapsed)

    Publication number: US07673144B2

    Publication date: 2010-03-02

    Application number: US10500311

    Filing date: 2002-12-20

    CPC classification number: H04L9/3255

    Abstract: The invention concerns a system enabling a member (M) of a group (G) to produce, by means of customized data (z; K), a message (m) accompanied by a signature (8) proving to a verifier that the message originates from a member of the group (G). The invention is characterized in that the customized data is in the form of an electronic physical medium (26). Advantageously, the latter also incorporates: encrypting means (B3) for producing a customized cipher (C) from the customized data prior to the signature S of the message (m), means (B5) for producing a combination of a message m to be signed and the cipher (C) associated with said message, for example in the form of a concatenation of the message (m) with the cipher (C), and means (B6) for signing (Sig) the message (m) with the customized data (z; K) in the form of a cipher (C) associated with said message. Advantageously, the physical medium is a smart card (26) or the like.


    Method and system for electronic voting over a high-security network
    14.
    Invention patent application
    Method and system for electronic voting over a high-security network (in force)

    Publication number: US20060000904A1

    Publication date: 2006-01-05

    Application number: US11168367

    Filing date: 2005-06-29

    CPC classification number: H04L9/3263 H04L9/3257 H04L2209/42 H04L2209/466

    Abstract: A method and system for electronic voting over a network, from a terminal (Te) connected to an administrative server (SA) and to a vote-counting server (SCV). An authentication certificate (CA) and a single-use password (UPWe) are calculated and transmitted (A) from the server (SA) to the voter (Eu), an electronic ballot paper (EB) and an anonymous reference (AREu) are transmitted (B) from the terminal (Te) to the server (SCV) and, upon verification (B1) of the anonymous reference, the vote and the paper are validated (B3), the paper is counted, a confirmation of receipt (ACW) and an electoral register document (DVR) are transmitted from the server (SCV) to the terminal (Te). The terminal (Te) signs the register and transmits (C) the signed register (SDVR) to the server (SA) which closes (D1) the vote of the voter (Eu).


    Fair blind signature process
    15.
    Invention patent application
    Fair blind signature process (lapsed)

    Publication number: US20050278536A1

    Publication date: 2005-12-15

    Application number: US11070033

    Filing date: 2005-03-02

    CPC classification number: H04L9/321 H04L9/3257 H04L2209/42

    Abstract: In a fair blind signature process, a user interacts with a signer in order to complete a 7-tuple $(A, e, s, t, x_u, x, m)$ such that $A^e = a_0 a_1^x a_2^m a_3^{x_u} a_4^t a_5^s \pmod{n}$, where $a_0$, $a_1$, $a_2$, $a_3$, $a_4$, $a_5$ and $n$ are elements of the Signer's public key (PUBKs). During the signature-issuing phase the user (U) provides the signer (S) with a data element ($a_1^x$) encrypted according to a key (f) known to a trusted authority (TA), and this data element ($a_1^x$) is disclosed during transmission of the signed message. Similarly, the signed message is transmitted associated with second encrypted data comprising a second data element ($a_3^{x_u}$) encrypted according to a key (f) known to the trusted authority (TA), and this second data element ($a_3^{x_u}$) is disclosed to the Signer during the signature-issuing phase. Thus, the trusted authority (TA) can revoke the anonymity of the digital signature.


    Method and device for anonymous signature with a shared private key
    16.
    Invention patent application
    Method and device for anonymous signature with a shared private key (lapsed)

    Publication number: US20050169461A1

    Publication date: 2005-08-04

    Application number: US10500792

    Filing date: 2002-12-13

    CPC classification number: H04L9/3255

    Abstract: A cryptographic method and apparatus for anonymously signing a message. Added to the anonymous signature is another signature which is calculated (operation 13) using a private key common to all the members of a group authorized to sign and unknown to all revoked members. The private key is updated (operations 8, 11) at group level on each revocation within the group and at member level only on anonymous signing of a message by the member.


    Method and system with authentication, revocable anonymity and non-repudiation
    17.
    Granted invention patent
    Method and system with authentication, revocable anonymity and non-repudiation (in force)

    Publication number: US07840813B2

    Publication date: 2010-11-23

    Application number: US10534857

    Filing date: 2003-11-14

    Abstract: The present invention relates to a method of access to a service consisting in i) identifying and registering a client (C), ii) authenticating the client to an anonymous certification authority, iii) authenticating the client by producing an anonymous signature and opening and maintaining an anonymous authentication session with a server (Se), and iv) selectively allowing contact between the server (Se) and the anonymous certification authority (ACA) to revoke the anonymity of the client (C) using the signature provided in step iii). The invention also relates to a system for opening and maintaining an authentication session guaranteeing non-repudiation.


    METHOD FOR THE UNIQUE AUTHENTICATION OF A USER BY SERVICE PROVIDERS
    18.
    Invention patent application
    METHOD FOR THE UNIQUE AUTHENTICATION OF A USER BY SERVICE PROVIDERS (in force)

    Publication number: US20100275009A1

    Publication date: 2010-10-28

    Application number: US12528470

    Filing date: 2008-02-25

    Abstract: The invention relates to a method for unique authentication of a user (U) by at least one service provider (SP), said method including a preliminary identity federation stage of federating an identity (user@sp) of said user for said service provider and an identity (user@idp) of the user (U) for an identity provider (IdP). According to the invention, said preliminary identity federation stage includes the steps of: the user (U) generating a user alias ([alias]) for that service provider (SP) and sending said identity provider (IdP) a masked alias ([alias]masked) deduced from said alias, the identity provider (IdP) associating said masked alias ([alias]masked) for that service provider (SP) with the identity (user@idp) of the user for the identity provider (IdP) and sending the user (U) elements for calculation by the user of a signature (σ) of a message (msg) containing the non-masked alias ([alias]), the user (U) calculating said signature (σ) and sending the service provider (SP) said message (msg) with said signature (σ), and the service provider (SP) verifying said signature (σ), authenticating the user (U), and associating said alias ([alias]) with the user's identity (user@sp) for the service provider (SP).


    Fair blind signature process
    19.
    Granted invention patent
    Fair blind signature process (lapsed)

    Publication number: US07584363B2

    Publication date: 2009-09-01

    Application number: US11070033

    Filing date: 2005-03-02

    CPC classification number: H04L9/321 H04L9/3257 H04L2209/42

    Abstract: In a fair blind signature process, a user interacts with a signer in order to complete a 7-tuple $(A, e, s, t, x_u, x, m)$ such that $A^e = a_0 a_1^x a_2^m a_3^{x_u} a_4^t a_5^s \pmod{n}$, where $a_0$, $a_1$, $a_2$, $a_3$, $a_4$, $a_5$ and $n$ are elements of the Signer's public key (PUBKs). During the signature-issuing phase the user (U) provides the signer (S) with a data element ($a_1^x$) encrypted according to a key (f) known to a trusted authority (TA), and this data element ($a_1^x$) is disclosed during transmission of the signed message. Similarly, the signed message is transmitted associated with second encrypted data comprising a second data element ($a_3^{x_u}$) encrypted according to a key (f) known to the trusted authority (TA), and this second data element ($a_3^{x_u}$) is disclosed to the Signer during the signature-issuing phase. Thus, the trusted authority (TA) can revoke the anonymity of the digital signature.


    Cryptographic revocation method using a chip card
    20.
    Granted invention patent
    Cryptographic revocation method using a chip card (lapsed)

    Publication number: US07356842B2

    Publication date: 2008-04-08

    Application number: US10501823

    Filing date: 2003-01-15

    Abstract: A cryptographic method and a chip card which is used to carry out the method. Before any calculation is performed by a computing means of the chip card, the chip card reads (2) an integral list, in a storage means of a second entity, of identifiers of first proprietary entities of a chip card. Such list is linked to each status assigned to each of the first entities by the second entity. Subsequently, the chip card compares (3) the identifier stored in a storage means of the chip card with the contents of the list, in order to authorize (5) or prohibit (4) any calculation by the computing means depending on the result of the comparison.

