公开(公告)号：US09246900B2

公开(公告)日：2016-01-26

申请号：US14252527

申请日：2014-04-14

Applicant: CERTICOM CORP.

Inventor： Matthew John Campagna ,  Robert John Lambert ,  James Robert Alfred

IPC: G06F7/04 ,  H04L29/06 ,  H04L9/08 ,  H04L9/30 ,  H04L9/32 ,  G06F17/30 ,  H04W12/04

CPC classification number: H04L63/08 ,  H04L9/083 ,  H04L9/0841 ,  H04L9/0844 ,  H04L9/0861 ,  H04L9/3066 ,  H04L9/3236 ,  H04L9/3263 ,  H04L29/06 ,  H04L63/062 ,  H04L63/0823 ,  H04W12/04

Abstract: A method and apparatus are disclosed for using a single credential request (e.g., registered public key or ECQV certificate) to obtain a plurality of credentials in a secure digital communication system having a plurality of trusted certificate authority CA entities and one or more subscriber entities A. In this way, entity A can be provisioned onto multiple PKI networks by leveraging a single registered public key or implicit certificate as a credential request to one or more CA entities to obtain additional credentials, where each additional credential can be used to derive additional public key-private key pairs for the entity A.

Abstract translation: 公开了一种用于使用单个凭证请求（例如，注册公钥或ECQV证书）在具有多个可信证书机构CA实体和一个或多个订户实体A的安全数字通信系统中获得多个凭证的方法和装置 以这种方式，可以通过利用单个注册公钥或隐式证书作为向一个或多个CA实体的凭证请求来获得附加证书来将实体A提供给多个PKI网络，其中每个附加证书可以用于导出附加公共 实体A的密钥 - 私钥对。

公开(公告)号：US20140156998A1

公开(公告)日：2014-06-05

申请号：US13690996

申请日：2012-11-30

Applicant: CERTICOM CORP.

Inventor： Robert John Lambert

IPC: G06F21/44

CPC classification number: G06F21/44 ,  G06F2221/2103 ,  H04L9/3236 ,  H04L9/3271 ,  H04L9/3273

Abstract: Challenge-response authentication protocols are disclosed herein, including systems and methods for a first device to authenticate a second device. In one embodiment, the following operations are performed by the first device: (a) sending to the second device: (i) a challenge value corresponding to an expected response value known by the first device, and (ii) a hiding value; (b) receiving from the second device a masked response value; (c) obtaining an expected masked response value from the expected response value and the hiding value; and (d) determining whether the expected masked response value matches the masked response value received from the second device. The operations from the perspective of the second device are also disclosed, which in some embodiments include computing the masked response value using the challenge value, the hiding value, and secret information known to the second device.

公开(公告)号：US20170012946A1

公开(公告)日：2017-01-12

申请号：US14930179

申请日：2015-11-02

Applicant: BlackBerry Limited ,  Certicom Corp.

Inventor： Robert John Lambert ,  Daniel Richard L. Brown ,  Atsushi Yamada

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/30 ,  H04L9/08 ,  H04L9/14

CPC classification number: H04L63/0428 ,  H04L9/0637 ,  H04L9/0841 ,  H04L9/0861 ,  H04L9/14 ,  H04L9/3066 ,  H04L9/3242 ,  H04L63/06

Abstract: In some aspects, an encryption method comprises encrypting a first portion of a message using a first secret key. The first secret key is generated based on the public key of an entity. A one-way function is used to generate a second secret key from the first secret key, and the first secret key is subsequently discarded. A second portion of the message is encrypted using the second secret key. The encrypted first portion of the message and the encrypted second portion of the message are provided to the entity.

Abstract translation: 在一些方面，加密方法包括使用第一秘密密钥加密消息的第一部分。 第一个秘密密钥是根据实体的公钥生成的。 单向函数用于从第一秘密密钥生成第二秘密密钥，并且随后丢弃第一秘密密钥。 消息的第二部分使用第二秘密密钥进行加密。 将消息的加密的第一部分和消息的加密的第二部分提供给实体。

公开(公告)号：US09178699B2

公开(公告)日：2015-11-03

申请号：US14073379

申请日：2013-11-06

Applicant: BlackBerry Limited ,  Certicom Corp.

Inventor： Robert John Lambert ,  Daniel Richard L. Brown ,  Atsushi Yamada

IPC: H04L9/00 ,  H04L9/08 ,  H04L9/30 ,  H04L9/06 ,  H04L9/32

CPC classification number: H04L63/0428 ,  H04L9/0637 ,  H04L9/0841 ,  H04L9/0861 ,  H04L9/14 ,  H04L9/3066 ,  H04L9/3242 ,  H04L63/06

Abstract: In some aspects, an encryption method comprises encrypting a first portion of a message using a first secret key. The first secret key is generated based on the public key of an entity. A one-way function is used to generate a second secret key from the first secret key, and the first secret key is subsequently discarded. A second portion of the message is encrypted using the second secret key. The encrypted first portion of the message and the encrypted second portion of the message are provided to the entity.

Abstract translation: 在一些方面，加密方法包括使用第一秘密密钥加密消息的第一部分。 第一个秘密密钥是根据实体的公钥生成的。 单向函数用于从第一秘密密钥生成第二秘密密钥，并且随后丢弃第一秘密密钥。 消息的第二部分使用第二秘密密钥进行加密。 将消息的加密的第一部分和消息的加密的第二部分提供给实体。

公开(公告)号：US09148282B2

公开(公告)日：2015-09-29

申请号：US13920426

申请日：2013-06-18

Applicant: Certicom Corp.

Inventor： Robert John Lambert

IPC: H04L9/30 ,  G06F7/72

CPC classification number: H04L9/3066 ,  G06F7/72 ,  G06F7/725

Abstract: A method is presented to compute square roots of finite field elements from the prime finite field of characteristic p over which points lie on a defined elliptic curve. Specifically, while performing point decompression of points that lie on a standardized elliptic curve over a prime finite field of characteristic 2224−296+1, the present method utilizes short Lucas sub-sequences to optimize the implementation of a modified version of Mueller's square root algorithm, to find the square root modulo of a prime number. The resulting method is at least twice as fast as standard methods employed for square root computations performed on elliptic curves.

Abstract translation: 提出了一种从特征p的主有限域计算有限域元素的平方根的方法，其中点位于定义的椭圆曲线上。 具体来说，当在特征2224-296 + 1的主要有限域上执行位于标准化椭圆曲线上的点的点解压缩时，本方法利用短Lucas子序列来优化Mueller平方根算法的修改版本的实现 ，找到素数的平方根模。 所得到的方法至少是用于在椭圆曲线上进行的平方根计算的标准方法的两倍。

公开(公告)号：US09100773B2

公开(公告)日：2015-08-04

申请号：US13690001

申请日：2012-11-30

Applicant: Research In Motion Limited ,  Certicom Corp.

Inventor： Robert John Lambert ,  Neil Patrick Adams ,  Ravi Singh ,  Salvatore Federico Barbieri

IPC: H04B5/00 ,  H04W4/00 ,  H04L29/06 ,  H04W12/10

CPC classification number: H04W4/008 ,  H04L63/0492 ,  H04L63/126 ,  H04W4/80 ,  H04W12/10

Abstract: In some aspects of what is described here, a first wireless device detects proximity of a second wireless device (e.g., by a Near Field Communication (NFC) interface or another type of interface). Based on detecting proximity of the second wireless device, the first wireless device generates a recommendation request from information received from the second wireless device. The first wireless device sends the recommendation request to a trusted authority and receives a response. The response includes the trusted authority's recommendation whether to trust the second wireless device. The first wireless device can determine whether to trust the second wireless device based on the recommendation.

公开(公告)号：US20140380056A1

公开(公告)日：2014-12-25

申请号：US13925299

申请日：2013-06-24

Applicant: CERTICOM CORP. ,  RESEARCH IN MOTION LIMITED

Inventor： Michael Eoin BUCKLEY ,  Michael Charles Hollatz ,  Robert John Lambert ,  Nevine Maurice Nassif Ebeid

IPC: H04L29/06

CPC classification number: H04L63/306 ,  H04L9/0847 ,  H04L9/14 ,  H04L9/3073 ,  H04L9/3252 ,  H04L9/3263 ,  H04L9/3297 ,  H04L61/6054 ,  H04L63/0435 ,  H04L63/06 ,  H04L63/0876 ,  H04L2209/80 ,  H04M3/2281 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: A method is presented for secure communication, the method including generating a signature using a private key, a nonce, and at least one of an identifier and a key component; and transmitting the signature, the nonce, a security parameter, and the at least one of the identifier and the key component, wherein the security parameter associates a user identity with a public key, the public key being associated with the private key.

Abstract translation: 提出了一种用于安全通信的方法，所述方法包括使用私钥，随机数，以及标识符和密钥分量中的至少一个生成签名; 以及发送所述签名，所述随机数，安全参数以及所述标识符和所述密钥组件中的至少一个，其中所述安全参数将用户身份与公钥相关联，所述公钥与所述私钥相关联。

公开(公告)号：US10284370B2

公开(公告)日：2019-05-07

申请号：US14318313

申请日：2014-06-27

Applicant: Certicom Corp.

Inventor： Marinus Struik ,  Daniel Richard L. Brown ,  Scott Alexander Vanstone ,  Robert Philip Gallant ,  Adrian Antipa ,  Robert John Lambert

IPC: H04L29/06 ,  H04L9/30 ,  G06F7/72 ,  H04L9/32

Abstract: Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In a elliptic curve group, verification that a value representative of a point R corresponds the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and that v=w/z. The verification equality R=uG+vQ may then be computed as −zR+(uz mod n)G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained.

公开(公告)号：US09825919B2

公开(公告)日：2017-11-21

申请号：US14930179

申请日：2015-11-02

Applicant: BlackBerry Limited ,  Certicom Corp.

Inventor： Robert John Lambert ,  Daniel Richard L. Brown ,  Atsushi Yamada

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/30 ,  H04L9/06 ,  H04L9/32 ,  H04L9/14

CPC classification number: H04L63/0428 ,  H04L9/0637 ,  H04L9/0841 ,  H04L9/0861 ,  H04L9/14 ,  H04L9/3066 ,  H04L9/3242 ,  H04L63/06

Abstract: In some aspects, an encryption method comprises encrypting a first portion of a message using a first secret key. The first secret key is generated based on the public key of an entity. A one-way function is used to generate a second secret key from the first secret key, and the first secret key is subsequently discarded. A second portion of the message is encrypted using the second secret key. The encrypted first portion of the message and the encrypted second portion of the message are provided to the entity.

公开(公告)号：US09467283B2

公开(公告)日：2016-10-11

申请号：US13925299

申请日：2013-06-24

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： Michael Eoin Buckley ,  Michael Charles Hollatz ,  Robert John Lambert ,  Nevine Maurice Nassif Ebeid

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/30 ,  H04L9/32 ,  H04W12/02

CPC classification number: H04L63/306 ,  H04L9/0847 ,  H04L9/14 ,  H04L9/3073 ,  H04L9/3252 ,  H04L9/3263 ,  H04L9/3297 ,  H04L61/6054 ,  H04L63/0435 ,  H04L63/06 ,  H04L63/0876 ,  H04L2209/80 ,  H04M3/2281 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: A method is presented for secure communication, the method including generating a signature using a private key, a nonce, and at least one of an identifier and a key component; and transmitting the signature, the nonce, a security parameter, and the at least one of the identifier and the key component, wherein the security parameter associates a user identity with a public key, the public key being associated with the private key.

Abstract translation: 提出了一种用于安全通信的方法，所述方法包括使用私钥，随机数，以及标识符和密钥分量中的至少一个生成签名; 以及发送所述签名，所述随机数，安全参数以及所述标识符和所述密钥组件中的至少一个，其中所述安全参数将用户身份与公钥相关联，所述公钥与所述私钥相关联。