Masked digital signatures
    2.
    Granted invention patent
    Masked digital signatures (in force)

    Publication number: US08359468B2

    Publication date: 2013-01-22

    Application number: US13172138

    Application date: 2011-06-29

    IPC classification: H04L9/00

    Abstract: The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.

    Masked digital signatures
    3.
    Granted invention patent
    Masked digital signatures (in force)

    Publication number: US07996676B2

    Publication date: 2011-08-09

    Application number: US12488652

    Application date: 2009-06-22

    IPC classification: H04L9/00

    Abstract: The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.

    Resilient cryptographic scheme
    4.
    Granted invention patent
    Resilient cryptographic scheme (in force)

    Publication number: US07797539B2

    Publication date: 2010-09-14

    Application number: US09907935

    Application date: 2001-07-19

    IPC classification: G06F21/24 H04L9/14

    CPC classification: H04L9/3242 H04L9/3249

    Abstract: A method for communicating information between at least a pair of correspondents, the method comprising the steps of each of the correspondents selecting a plurality of cryptographic algorithms known to each of the correspondents. One of the correspondents applies the algorithms in a predetermined manner to a message for producing a set of processed information. The set of processed information is transmitted to the other correspondent. The other correspondent applies complementary operations of the cryptographic schemes in accordance with the predetermined manner for deriving information related to the message from the processed information.

    Strengthened public key protocol
    5.
    Granted invention patent
    Strengthened public key protocol (lapsed)

    Publication number: US07567669B2

    Publication date: 2009-07-28

    Application number: US10185735

    Application date: 2002-07-01

    IPC classification: H04L9/30

    Abstract: A method of determining the integrity of a message exchanged between a pair of correspondents. The message is secured by embodying the message in a function of a public key derived from a private key selected by one of the correspondents. The method comprises first obtaining the public key. The public key is then subjected to at least one mathematical test to determine whether the public key satisfies predefined mathematical characteristics. Messages utilizing the public key are accepted if the public key satisfies the predefined mathematical characteristics.

    Masked digital signatures
    6.
    Granted invention patent
    Masked digital signatures (in force)

    Publication number: US07552329B2

    Publication date: 2009-06-23

    Application number: US11882560

    Application date: 2007-08-02

    IPC classification: H04L9/00

    Abstract: The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.

    Method and apparatus for cryptographically transforming an input block into an output block
    7.
    Granted invention patent
    Method and apparatus for cryptographically transforming an input block into an output block (lapsed)

    Publication number: US06301362B1

    Publication date: 2001-10-09

    Application number: US09096615

    Application date: 1998-06-12

    IPC classification: H04L906

    Abstract: A method and apparatus for cryptographically transforming an input block into an output block. The input block has a first block size and is partitionable into a plurality of input subblocks having a second block size that is a submultiple of the first block size. To encrypt or decrypt, the input subblocks are passed through respective first substitution functions controlled by one or more keys to generate a first plurality of modified subblocks. The first plurality of modified subblocks are then passed through a mixing function to generate a second plurality of modified subblocks, each of which depends on each of the first plurality of modified subblocks. Finally, the second plurality of modified subblocks are passed through respective second substitution functions controlled by one or more keys to generate a plurality of output subblocks that are combinable into an output block.

    Private key validity and validation
    8.
    Granted invention patent
    Private key validity and validation (lapsed)

    Publication number: US06195433B1

    Publication date: 2001-02-27

    Application number: US09074540

    Application date: 1998-05-08

    IPC classification: H04L930

    CPC classification: H04L9/3066 H04L2209/26

    Abstract: A method of generating a private key for use in a public key data communication system implemented between a pair of correspondents is disclosed. The method comprises the steps of generating a random number for use as a private key and testing the number against a predetermined set of criteria. The criteria are chosen to determine the statistical randomness of the number. The random number is utilized as a key upon satisfying the criteria.

    Secure cryptographic operations using control vectors generated inside a cryptographic facility
    9.
    Granted invention patent
    Secure cryptographic operations using control vectors generated inside a cryptographic facility (lapsed)

    Publication number: US5432849A

    Publication date: 1995-07-11

    Application number: US103953

    Application date: 1993-08-10

    CPC classification: G06F12/1408

    Abstract: The invention described herein suggests methods of cryptographic key management based on control vectors in which the control vectors are generated or derived internal to a cryptographic facility implementing a set of cryptographic operations. The methods of alternate control vector enforcement described in the present application provide a high-integrity facility to ensure that cryptographic keys are used in a manner consistent with the type and usage attributes assigned to the keys by the originator of those keys. Since the control vectors are generated or derived internal to the cryptographic facility on the basis of data contained in each cryptographic service request to the cryptographic facility, control vectors need not be stored or managed outside the cryptographic facility.

    User defined function facility
    10.
    Granted invention patent
    User defined function facility (lapsed)

    Publication number: US5301231A

    Publication date: 1994-04-05

    Application number: US834634

    Application date: 1992-02-12

    Abstract: In a cryptographic module, a User Defined Function (UDF) facility is provided which provides users with the capability of defining and creating custom functions to meet their cryptographic processing needs. The cryptographic module is contained within a physically and logically secure environment and comprises a processing unit and memory connected to the processing unit. The memory includes code for translating User Defined Functions (UDFs) into a machine-readable form and at least one command for operating on the UDFs. The UDFs are loaded into and executed in the secure area of the cryptographic module without compromising the total security of the transaction security system.
