Abstract:
Methods and systems are provided for keeping communications sent via a network confidential in a manner that is efficient, easy to implement, and does not require significant key management. The identity of each node of the routing path of a communication is encrypted utilizing an identity-based encryption scheme. This allows each node of the routing path to decrypt only those portions of the routing path necessary to send the communication to the next node. Thus, each node will only know the immediate previous node from which the communication came, and the next node to which the communication is to be sent. The remainder of the routing path of the communication, along with the original sender and intended recipient, remains confidential from any intermediate nodes in the routing path. Use of the identity-based encryption scheme removes the need for significant key management to maintain the encryption/decryption keys.
Abstract:
Methods and systems for verification of indicia that do not require key management systems, and in which revocation of key pairs is easily performed without adding costs to the verification process are provided. Indicia are generated and authenticated utilizing an identity-based encryption (IBE) scheme. A key generating authority generates a private key for a PSD, distributes the private key securely to the PSD, and provides public information for use by a verification service when verifying cryptographic digital signatures generated with the private key. The corresponding public key is a string consisting of PSD information that is provided as part of the indicium. The verification service can verify the signature of each indicium by obtaining the public key string from the indicium, and utilizing the key generating authority's public information.
Abstract:
Methods and systems that prevent completion of postdated financial transactions until the specified future date are provided. A portion of the information necessary to complete a financial transaction is encrypted utilizing an identity-based encryption (IBE) scheme. The encryption key used to encrypt the information is associated with the date on which the transaction is authorized to be completed. The encrypted information is provided to the payee. The issuing bank provides a daily decryption key that allows decryption of information encrypted using the key associated with the corresponding date. Thus, only when the maturity date of the transaction has arrived will the payee or depositing bank be able to obtain the decryption key that will decrypt the encrypted information necessary to complete the transaction. Since the encrypted information cannot be decrypted until the date associated with the encryption key, the financial transaction cannot be completed until such date.
Abstract:
A method and system for providing services to a mail delivery point are presented. According to the method, a delivery point identifier is acquired from a device located at the delivery point. Then, delivery point data is accessed corresponding to the delivery point identifier, and mail delivery services are provided in response to the delivery point data. The delivery point data are modifiable by a recipient who receives physical mail at the delivery point, and the delivery point data includes recipient preferences.
Abstract:
A signature scheme is provided in which a message is divided into a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion. If the required redundancy is present the signature is accepted and the message reconstructed from the recovered bit string and the visible portion.
Abstract:
A system and method include means for processing a cryptographic certificate adapted to provide security functionality. A register means is provided and means for adjusting the register means to account for services when the cryptographic certificate is processed. In accordance with another aspect, a system and method include a register means for storing funds. Means are provided for processing a digital token providing proof of postage payment and means are also provided for processing a cryptographic certificate adapted to provide security functionality. Means debit funds stored in the register means when the digital token is processed and when the cryptographic certificate is processed. Processing the cryptographic certificate may involve many functions such as providing security services and/or certificate management functions (including generating and verifying cryptographic certificates) and/or key management functions and/or access to any needed private keys to perform security services. Processing the digital token may include generating the digital token or issuing the digital token.
Abstract:
System and method for securely backing up and reliably retrieving vault data in a metering system that includes a host processor operatively coupled to a vault. Whenever a transaction is completed by the vault, the vault cryptographically signs the vault data, including ascending register, descending register and piece count and sends the cryptographically signed vault data to the host processor where it is stored in a data file assigned to the vault. Each storage of the cryptographically signed vault data is indexed to create a historical log of vault transactions. If the vault is lost or damaged so that vault data cannot be retrieved from the vault, the cryptographically signed vault data is retrieved from the host processor data file and verified.