公开(公告)号：US07260723B2

公开(公告)日：2007-08-21

申请号：US09773665

申请日：2001-02-02

申请人： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Ou

发明人： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Ou

IPC分类号： H04L9/00

CPC分类号： H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

摘要： The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.

摘要翻译： 本发明涉及在安全通信系统中使用公共密钥方案的数字签名操作，特别是与具有计算能力有限的处理器（例如“智能卡”）一起使用。 本发明描述了一种用于创建和认证数字签名的方法，包括以下步骤：选择第一会话参数k并生成从会话参数k导出的第一短期公钥，使用从第一数学函数导出的第一签名组件 短期公钥，选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件，并且不使用反向操作，使用第一和第二会话参数来计算第三签名组件 并将签名组件（s，r，c）作为掩蔽的数字签名发送到接收机计算机系统。 在接收机计算机系统中，通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s'，以将签名组件（s'，r）导出为未屏蔽的数字签名。 验证这些签名组件，如通常的ElGamal或ECDSA类型签名验证。

公开(公告)号：US07552329B2

公开(公告)日：2009-06-23

申请号：US11882560

申请日：2007-08-02

申请人： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Ou

发明人： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Ou

IPC分类号： H04L9/00

CPC分类号： H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

摘要： The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.

摘要翻译： 本发明涉及在安全通信系统中使用公共密钥方案的数字签名操作，特别是与具有计算能力有限的处理器（例如“智能卡”）一起使用。 本发明描述了一种用于创建和认证数字签名的方法，包括以下步骤：选择第一会话参数k并生成从会话参数k导出的第一短期公共密钥，计算从数学函数导出的第一签名组件r， 短期公钥，选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件，并且不使用反向操作，使用第一和第二会话参数来计算第三签名组件;以及 将签名组件（s，r，c）作为掩蔽的数字签名发送到接收机计算机系统。 在接收机计算机系统中，通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s'，以将签名组件（s'，r）导出为未屏蔽的数字签名。 验证这些签名组件，如通常的ElGamal或ECDSA类型签名验证。

公开(公告)号：US08953787B2

公开(公告)日：2015-02-10

申请号：US13527891

申请日：2012-06-20

申请人： Scott A. Vanstone ,  Alfred John Menezes ,  Minghua Qu ,  Donald B. Johnson

发明人： Scott A. Vanstone ,  Alfred John Menezes ,  Minghua Qu ,  Donald B. Johnson

IPC分类号： H04L9/30 ,  H04L9/08 ,  H04L9/32 ,  G06F7/72

CPC分类号： H04L9/0844 ,  G06F7/725 ,  H04L9/0841 ,  H04L9/3066 ,  H04L9/3252

摘要： A method of determining the integrity of a message exchanged between a pair of correspondents. The message is secured by embodying the message in a function of a public key derived from a private key selected by one of the correspondents. The method comprises first obtaining the public key. The public key is then subjected to at least one mathematical test to determine whether the public key satisfies predefined mathematical characteristics. Messages utilizing the public key are accepted if the public key satisfies the predefined mathematical characteristics.

公开(公告)号：US20110258455A1

公开(公告)日：2011-10-20

申请号：US13172138

申请日：2011-06-29

申请人： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Qu

发明人： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Qu

IPC分类号： H04L9/32

CPC分类号： H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

摘要： The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual EIGamal or ECDSA type signature verification.

摘要翻译： 本发明涉及在安全通信系统中使用公共密钥方案的数字签名操作，特别是与具有计算能力有限的处理器（例如“智能卡”）一起使用。 本发明描述了一种用于创建和认证数字签名的方法，包括以下步骤：选择第一会话参数k并生成从会话参数k导出的第一短期公钥，使用从第一数学函数导出的第一签名组件 短期公钥，选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件，并且不使用反向操作，使用第一和第二会话参数来计算第三签名组件 并将签名组件（s，r，c）作为掩蔽的数字签名发送到接收机计算机系统。 在接收机计算机系统中，通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s'，以将签名组件（s'，r）导出为未屏蔽的数字签名。 验证这些签名组件，如通常的EIGAMAL或ECDSA类型的签名验证。

公开(公告)号：US06337909B1

公开(公告)日：2002-01-08

申请号：US08948796

申请日：1997-10-10

申请人： Scott A. Vanstone ,  Donald B. Johnson ,  Robert J. Lambert ,  Ronald C. Mullin

发明人： Scott A. Vanstone ,  Donald B. Johnson ,  Robert J. Lambert ,  Ronald C. Mullin

IPC分类号： H04L928

CPC分类号： H04L9/3013 ,  G06F7/725 ,  H04L9/3066

摘要： The public key, either short term “session” key or long term key, is generated by combining a pair of components. A first component is obtained by utilizing an integer with a relatively low Hamming weight as an exponent to facilitate exponentiation. The second component is a precomputed secret value that is of the form resulting from the exponentiation of the generator of the group element by an integer that has the requisite Hamming weight. The two components are combined to provide the public key and the two exponents combined to provide the corresponding private key.

摘要翻译： 通过组合一对组件来生成公钥，短期“会话”密钥或长期密钥。 通过利用具有相对较低的汉明重量的整数作为指数来获得第一分量以促成取幂。 第二个组件是预先计算的秘密值，其形式是由组元素的生成器乘以具有所需汉明权重的整数而产生的。 组合两个组件以提供公钥和两个指数组合以提供相应的私钥。

公开(公告)号：US20100014663A1

公开(公告)日：2010-01-21

申请号：US12458468

申请日：2009-07-13

申请人： Scott A. Vanstone ,  Alfred John Menezes ,  Minghua Qu ,  Donald B. Johnson

发明人： Scott A. Vanstone ,  Alfred John Menezes ,  Minghua Qu ,  Donald B. Johnson

IPC分类号： H04L9/30 ,  H04L9/00

CPC分类号： H04L9/0844 ,  G06F7/725 ,  H04L9/0841 ,  H04L9/3066 ,  H04L9/3252

摘要： A method of determining the integrity of a message exchanged between a pair of correspondents. The message is secured by embodying the message in a function of a public key derived from a private key selected by one of the correspondents. The method comprises first obtaining the public key. The public key is then subjected to at least one mathematical test to determine whether the public key satisfies predefined mathematical characteristics. Messages utilizing the public key are accepted if the public key satisfies the predefined mathematical characteristics.

摘要翻译： 一种确定在一对记者之间交换的消息的完整性的方法。 通过将消息体现在由其中一个记者选择的私钥派生的公共密钥的功能中来保护消息。 该方法包括首先获得公钥。 然后对公钥进行至少一个数学测试，以确定公钥是否满足预定义的数学特性。 如果公钥满足预定义的数学特征，则接受使用公钥的消息。

公开(公告)号：US20090319790A1

公开(公告)日：2009-12-24

申请号：US12488652

申请日：2009-06-22

申请人： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Qu

发明人： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Qu

IPC分类号： H04L9/00

CPC分类号： H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

摘要： The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.

摘要翻译： 本发明涉及在安全通信系统中使用公共密钥方案的数字签名操作，特别是与具有计算能力有限的处理器（例如“智能卡”）一起使用。 本发明描述了一种用于创建和认证数字签名的方法，包括以下步骤：选择第一会话参数k并生成从会话参数k导出的第一短期公钥，使用从第一数学函数导出的第一签名组件 短期公钥，选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件，并且不使用反向操作，使用第一和第二会话参数来计算第三签名组件 并将签名组件（s，r，c）作为掩蔽的数字签名发送到接收机计算机系统。 在接收机计算机系统中，通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s'，以将签名组件（s'，r）导出为未屏蔽的数字签名。 验证这些签名组件，如通常的ElGamal或ECDSA类型签名验证。

公开(公告)号：US06424712B1

公开(公告)日：2002-07-23

申请号：US08953637

申请日：1997-10-17

申请人： Scott A. Vanstone ,  Donald B. Johnson

发明人： Scott A. Vanstone ,  Donald B. Johnson

IPC分类号： H04L928

摘要： A public key encryption system exchanges information between a pair of correspondents. The recipient performs computations on the received data to recover the transmitted data or verify the identity of the sender. The data transferred includes supplementary information that relates to intermediate steps in the computations performed by the recipient.

公开(公告)号：US06279110B1

公开(公告)日：2001-08-21

申请号：US08966702

申请日：1997-11-10

申请人： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Qu

发明人： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Qu

IPC分类号： H04L930

CPC分类号： H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

摘要： The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.

摘要翻译： 本发明涉及在安全通信系统中使用公共密钥方案的数字签名操作，特别是与具有有限计算能力的处理器（例如“智能卡”一起使用）一起使用本发明描述了一种用于创建和认证数字签名的方法，包括步骤 选择第一会话参数k并生成从会话参数k导出的第一短期公钥，使用短期公钥计算从第一数学函数导出的第一签名组件r，选择第二会话参数t并计算 使用第二会话参数t从第二数学函数导出并且不使用反向操作的第二签名组件s，使用第一和第二会话参数来计算第三签名组件，并将签名组件（s，r，c）发送为蒙版 接收机计算机系统的数字签名 通过将第三签名组件与第二签名组件组合来导出恢复的第二签名组件s'，以将签名组件（s'，r）导出为未被屏蔽的数字签名。 验证这些签名组件，如通常的ElGamal或ECDSA类型签名验证。

公开(公告)号：US08983064B2

公开(公告)日：2015-03-17

申请号：US13620758

申请日：2012-09-15

申请人： Scott A. Vanstone ,  Alfred John Menezes ,  Minghua Qu ,  Donald B. Johnson

发明人： Scott A. Vanstone ,  Alfred John Menezes ,  Minghua Qu ,  Donald B. Johnson

IPC分类号： H04L9/30 ,  H04L9/08 ,  H04L9/32 ,  G06F7/72

CPC分类号： H04L9/0844 ,  G06F7/725 ,  H04L9/0841 ,  H04L9/3066 ,  H04L9/3252

摘要： A method of determining the integrity of a message exchanged between a pair of correspondents. The message is secured by embodying the message in a function of a public key derived from a private key selected by one of the correspondents. The method comprises first obtaining the public key. The public key is then subjected to at least one mathematical test to determine whether the public key satisfies predefined mathematical characteristics. Messages utilizing the public key are accepted if the public key satisfies the predefined mathematical characteristics.