Attribute-based digital signature system

    Publication number: US09806890B2

    Publication date: 2017-10-31

    Application number: US13698888

    Filing date: 2011-04-27

    IPC classification: H04L9/32 H04L9/08

    Abstract: An attribute-based digital signature system comprises a signature generation unit (1) for signing a message (m) by generating a signature (σ) based on a user secret key (SK) associated with a set of user attributes, wherein the signature generation unit (1) is arranged for combining the user secret key (SK) with revocation data (R) to form at least part of the signature (σ), wherein the revocation data (R) complements respective ones of a plurality of valid user secret keys and wherein the revocation data (R) prevents a revoked user secret key (SK) from being used to validly sign a message (m) with the set of user attributes. The system further comprises a revocation unit (2) for selectively removing at least part of the signing capability of a to-be-revoked user secret key (SK), by generating updated revocation data (R), wherein the updated revocation data (R) is based on at least part of the to-be-revoked user secret key (SK). A plurality of attribute authorities 301 may independently issue cryptographic keys.

    2.
    Invention application
    ATTRIBUTE-BASED DIGITAL SIGNATURE SYSTEM (legal status: in force)

    Publication number: US20130073860A1

    Publication date: 2013-03-21

    Application number: US13698888

    Filing date: 2011-04-27

    IPC classification: H04L9/32 H04L9/08

    Abstract: An attribute-based digital signature system comprises a signature generation unit (1) for signing a message (m) by generating a signature (σ) based on a user secret key (SK) associated with a set of user attributes, wherein the signature generation unit (1) is arranged for combining the user secret key (SK) with revocation data (R) to form at least part of the signature (σ), wherein the revocation data (R) complements respective ones of a plurality of valid user secret keys and wherein the revocation data (R) prevents a revoked user secret key (SK) from being used to validly sign a message (m) with the set of user attributes. The system further comprises a revocation unit (2) for selectively removing at least part of the signing capability of a to-be-revoked user secret key (SK), by generating updated revocation data (R), wherein the updated revocation data (R) is based on at least part of the to-be-revoked user secret key (SK). A plurality of attribute authorities 301 may independently issue cryptographic keys.
