-
Publication No.: US20190229929A1
Publication date: 2019-07-25
Application No.: US16374197
Filing date: 2019-04-03
Inventors: Jan L. Camenisch, Anja Lehmann, Gregory Neven
Abstract: A method and system configured to produce a cryptographic signature on a message, under a key, at a user computer wherein the key is shared between the user computer, which stores a first key-share, and an authentication computer, which stores a second key-share and a first authentication value. The user computer encodes the message to produce a blinded message, produces the first authentication value from a user password and a secret value, and produces a second authentication value by encoding the first authentication value and a nonce. The authentication computer uses the nonce to determine if the first authentication value is correct and, if so, encodes the blinded message using the second key-share to produce a partial signature. The user computer produces a signature on the message under the key by encoding the partial signature and the message using the first key-share and an unblinding function.
-
Publication No.: US10171451B2
Publication date: 2019-01-01
Application No.: US16007353
Filing date: 2018-06-13
Inventors: Jan Camenisch, Yossi Gilad, Anja Lehmann, Zoltan A. Nagy, Gregory Neven
Abstract: Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1≤n of the password data shares determine if the user password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for each verifier server, are provided at n authentication servers. A number t2≤t1 of the shares reconstruct the secret data. For a password attempt, the user computer communicates with at least t1 authentication servers to determine if the user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers. The user computer uses the secret data to generate, with T≤t1 of said t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username.
-
Publication No.: US10079686B2
Publication date: 2018-09-18
Application No.: US14811882
Filing date: 2015-07-29
CPC classification: H04L9/3263, G06F21/125, G06F21/602, H04L9/3268, H04L2209/16, H04L2209/42
Abstract: The invention relates to an obfuscated program logic of machine executable instructions and a hardcoded cryptographic signing key. The obfuscated program logic further comprising a hardcoded first attribute value wherein execution of the machine executable instructions by the processor causes the obfuscated program logic to receive a request and in response to receiving the request evaluate whether the request is related to the hardcoded first attribute value. In case the request is related to the hardcoded first attribute value, then computing with the hardcoded first attribute value a response to the request and computing with the cryptographic signing key a signature, wherein the signature certifies the request for which the response was computed and certifies the authenticity of the response. Then generating and returning a presentation token comprising the response and the signature, and providing the presentation token to a receiver computer system.
-
Publication No.: US20180091520A1
Publication date: 2018-03-29
Application No.: US15278411
Filing date: 2016-09-28
CPC classification: H04L63/102, H04L9/0891, H04L9/3271, H04L2463/146
Abstract: A method, computer program product, and system for providing verification processes associated with a commitment-based authentication protocol are described. A request by a user for access to one or more resources is received, and a presentation policy is transmitted to the user indicating required credentials. A commitment to a revocation handle is received, including an indication of an associated Sigma protocol executed by the user. A challenge value selected from a challenge value set associated with the associated Sigma protocol is transmitted to the user. Based on the selected challenge value, a presentation token and a value parameter that is distinct from the presentation token are received from the user. Based on a determination as to whether the presentation token and value parameter are valid in accordance with the associated Sigma protocol, access for the user to the one or more resources is granted to the user or prevented.
-
Publication No.: US09871655B2
Publication date: 2018-01-16
Application No.: US15402508
Filing date: 2017-01-10
Inventors: Jan L. Camenisch, Anja Lehmann, Gregory Neven
CPC classification: H04L9/0861, H04L9/0866, H04L9/30, H04L9/3218, H04L9/3247, H04L9/3263, H04L63/0407, H04L63/062, H04L63/0823, H04L2209/04, H04L2209/42
Abstract: A method for deriving a verification token from a credential may be provided. The credential may be a set of attributes certified by an issuer to a user using a public key of the issuer. The method may comprise generating the verification token out of the credential and binding the verification token to a context string, wherein the verification token may comprise at least one commitment. A commitment may be a blinded version of an attribute. The method may also comprise generating an opening key for the verification token enabling a generation of a confirmation for a validity of the attribute.
-
Publication No.: US20170149563A1
Publication date: 2017-05-25
Application No.: US15402508
Filing date: 2017-01-10
Inventors: Jan L. Camenisch, Anja Lehmann, Gregory Neven
CPC classification: H04L9/0861, H04L9/0866, H04L9/30, H04L9/3218, H04L9/3247, H04L9/3263, H04L63/0407, H04L63/062, H04L63/0823, H04L2209/04, H04L2209/42
Abstract: A method for deriving a verification token from a credential may be provided. The credential may be a set of attributes certified by an issuer to a user using a public key of the issuer. The method may comprise generating the verification token out of the credential and binding the verification token to a context string, wherein the verification token may comprise at least one commitment. A commitment may be a blinded version of an attribute. The method may also comprise generating an opening key for the verification token enabling a generation of a confirmation for a validity of the attribute.
-
Publication No.: US20170104745A1
Publication date: 2017-04-13
Application No.: US14878933
Filing date: 2015-10-08
Inventors: Jan Camenisch, Anja Lehmann, Gregory Neven
IPC classification: H04L29/06
CPC classification: H04L63/083, H04L9/085, H04L9/0891, H04L9/3218, H04L9/3221, H04L9/3226, H04L9/3239, H04L63/061, H04L63/0876, H04L63/101
Abstract: A system of λ≧2 servers is provided. The server system comprises an access control server for communication with user computers via a network and controlling access by the user computers to a resource in dependence on authentication of user passwords associated with respective user IDs, and a set of authentication servers for communication with the access control server via the network. In this system, at least each authentication server stores a respective key-share Ki of a secret key K which is shared between a plurality of the λ servers. The access control server is adapted, in response to receipt from a user computer of a user ID and an input password, to produce a hash value h via a first hash function operating on the input password. The access control server blinds the hash value h to produce a blinded hash value u, and sends the blinded hash value u via the network to at least a subset of the set of authentication servers. Each authentication server is adapted, in response to receipt of the blinded hash value u, to produce a hash response vi from the blinded hash value u and that server's key-share Ki, and to send the hash response vi via the network to the access control server. The access control server is further adapted to produce, using the hash response vi from each authentication server, an input password hash comprising a predetermined function of said hash value h and said secret key K. The access control server compares the input password hash with a corresponding user password hash, produced from the user password for the received user ID and pre-stored by the access control server, to determine whether the input password equals the user password, if so permitting access to the resource by the user computer.
-
Publication No.: US20170104588A1
Publication date: 2017-04-13
Application No.: US14877738
Filing date: 2015-10-07
Inventors: Jan L. Camenisch, Anja Lehmann, Gregory Neven
IPC classification: H04L9/08
CPC classification: H04L9/085, H04L9/0819, H04L9/0869, H04L9/088, H04L9/0891
Abstract: One of n≧2 servers, connectable via a network, implements a cryptographic protocol using a secret key K which is shared between the n servers, and includes first and second server compartments. The first is connectable to the network, adapted to implement the cryptographic protocol, and stores a current key share of the secret key K. The second is inaccessible from the network in the operation of the server, stores a set of master keys, and is adapted, for each of successive time periods, to unilaterally generate a new key share of the secret key K and to supply it to the first as the current key share for that time period. The new key share includes a random share of a predetermined value p which is shared between the n servers, and the random share includes a function of the set of master keys.
-
Publication No.: US20170099268A1
Publication date: 2017-04-06
Application No.: US14872695
Filing date: 2015-10-01
Inventors: Jan L. Camenisch, Anja Lehmann, Gregory Neven, Kai Samelin
CPC classification: H04L63/0435, H04L9/3226, H04L63/061, H04L63/083, H04L63/18
Abstract: Computer-implemented methods are provided for communicating message data from a sender computer to a receiver computer via a network. The sender computer encrypts the message data in dependence on a cryptographic key to produce a ciphertext, and establishes an access password for the ciphertext with a host computer connected to the network. The sender computer sends the ciphertext via the network to the host computer, and sends an email, containing the cryptographic key in cleartext, to the receiver computer via the network. The cryptographic key comprises a random cryptographic value which is independent of the access password. The host computer receives the ciphertext from the sender computer and stores the ciphertext in association with the access password. The receiver computer receives the email from the sender computer and sends an access request for the ciphertext, and an input password, to the host computer via the network. The host computer, on receiving the access request and the input password, sends the ciphertext to the receiver computer via the network if the input password equals the access password. The receiver computer decrypts the received ciphertext using the cryptographic key to obtain the message data.
-
Publication No.: US20160269397A1
Publication date: 2016-09-15
Application No.: US15165277
Filing date: 2016-05-26
Inventors: Jan Camenisch, Anja Lehmann, Gregory Neven
IPC classification: H04L29/06
CPC classification: H04L63/0823, H04L9/0897, H04L9/3221, H04L9/3234, H04L9/3257, H04L63/061, H04L63/0807, H04L2209/42
Abstract: Effecting reissue in a data processing system of a cryptographic credential certifying a set of attributes, the credential being initially bound to a first secret key stored in a first processing device. A backup token is produced using the first device and comprises a commitment to said set of attributes and proof data permitting verification that the set of attributes in said commitment corresponds to the set of attributes certified by said credential. At a second processing device, a second secret key is stored and blinded to produce a blinded key. A credential template token produced from the backup token and the blinded key is sent to a credential issuer where said verification is performed using the proof data and the credential template token is used to provide a reissued credential, certifying said set of attributes, to the second device, the reissued credential being bound to the second secret key.