-
公开(公告)号:US08359468B2
公开(公告)日:2013-01-22
申请号:US13172138
申请日:2011-06-29
IPC分类号: H04L9/00
CPC分类号: H04L9/3247 , G06Q20/341 , G06Q20/40975 , G07F7/1008 , H04L9/3066 , H04L9/3252 , H04L2209/04
摘要: The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual EIGamal or ECDSA type signature verification.
摘要翻译: 本发明涉及在安全通信系统中使用公共密钥方案的数字签名操作,特别是与智能卡等计算能力有限的处理器一起使用。 本发明描述了一种用于创建和认证数字签名的方法,包括以下步骤:选择第一会话参数k并生成从会话参数k导出的第一短期公钥,使用从第一数学函数导出的第一签名组件 短期公钥,选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件,并且不使用反向操作,使用第一和第二会话参数来计算第三签名组件 并将签名组件(s,r,c)作为掩蔽的数字签名发送到接收机计算机系统。 在接收机计算机系统中,通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s',以将签名组件(s',r)导出为未被屏蔽的数字签名。 验证这些签名组件,如通常的EIGAMAL或ECDSA类型的签名验证。
-
公开(公告)号:US20100284540A1
公开(公告)日:2010-11-11
申请号:US12840008
申请日:2010-07-20
IPC分类号: H04L9/08
CPC分类号: H04L9/3242 , H04L9/3249
摘要: A system and method are provided for enabling a symmetric key to be derived, the method comprising: obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key; encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value; encrypting one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and providing the first encrypted value and the one or more additional encrypted values to an other entity to enable the other entity to derive the symmetric key.
摘要翻译: 提供了一种用于使得能够导出对称密钥的系统和方法,所述方法包括:获得多个密钥部分,其中所述多个密钥部分在组合时等于所述对称密钥; 使用第一密码算法加密第一密钥部分以生成第一加密值; 使用相应的密码算法加密所述多个密钥部分中的一个或多个剩余的关键部分以生成一个或多个附加的加密值,其中使用不同的加密算法加密加密的每个密钥部分; 以及将第一加密值和所述一个或多个附加加密值提供给另一实体以使所述另一实体能够导出所述对称密钥。
-
公开(公告)号:US08233617B2
公开(公告)日:2012-07-31
申请号:US12840008
申请日:2010-07-20
CPC分类号: H04L9/3242 , H04L9/3249
摘要: A system and method are provided for enabling a symmetric key to be derived, the method comprising: obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key; encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value; encrypting one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and providing the first encrypted value and the one or more additional encrypted values to an other entity to enable the other entity to derive the symmetric key.
摘要翻译: 提供了一种用于使得能够导出对称密钥的系统和方法,所述方法包括:获得多个密钥部分,其中所述多个密钥部分在组合时等于所述对称密钥; 使用第一密码算法加密第一密钥部分以生成第一加密值; 使用相应的密码算法加密所述多个密钥部分中的一个或多个剩余的关键部分以生成一个或多个附加的加密值,其中使用不同的加密算法加密加密的每个密钥部分; 以及将第一加密值和所述一个或多个附加加密值提供给另一实体以使所述另一实体能够导出所述对称密钥。
-
公开(公告)号:US06487660B1
公开(公告)日:2002-11-26
申请号:US09432166
申请日:1999-11-02
IPC分类号: G06F124
CPC分类号: G07F7/1008 , G06Q20/341 , G06Q20/40975 , H04L9/0841 , H04L9/3066 , H04L9/3273
摘要: A method of authenticating a pair of correspondents C,S to permit the exchange of information therebetween, each of the correspondents having a respective private key, e, d and a public key, Qu, and Qs derived from a generator element of a group and a respective ones of the private keys e,d, the method comprising the steps of: a first of the correspondents C generating a session value x; the first correspondent generating a private value t, a public value derived from the private value t and the generator and a shared secret value derived from the private value t and the public key Qs of the second correspondent; the second correspondent generating a challenge value y and transmitting the challenge value y to the first correspondent; the first correspondent in response thereto computing a value h by applying a function H to the challenge value y, the session value x, the public value an of the first correspondent; the first correspondent signing the value h utilizing the private key e; the first correspondent transmitting to the second correspondent the signature including the session value x, and the private value t; and the second correspondent verifying the signature utilizing the public key Qu of the first correspondent and whereby verification of the signature authenticates the first correspondent to the second correspondent.
摘要翻译: 一种认证一对记者C,S以允许它们之间的信息交换的方法,每个通信对象具有从组的发生器元素导出的相应私钥,e,d和公钥Qu和Q,以及 相应的私钥e,d,该方法包括以下步骤:生成会话值x的通信对象C中的第一个; 生成私有值t的第一通信对象,从私有值t和生成器导出的公有值和从私有值t和第二通信对方的公钥Qs导出的共享秘密值; 第二记者产生质询值y并将询问值y发送给第一通讯员; 响应于第一记者通过将函数H应用于质询值y,会话值x,第一记者的公开值a来计算值h; 第一个记者利用私钥e签名值h; 第一记者向第二记者发送包括会话值x和私有值t的签名; 以及第二记者利用第一记者的公钥Qu验证签名,由此签名的验证对第二通信对象的第一对应者进行认证。
-
公开(公告)号:US08953787B2
公开(公告)日:2015-02-10
申请号:US13527891
申请日:2012-06-20
CPC分类号: H04L9/0844 , G06F7/725 , H04L9/0841 , H04L9/3066 , H04L9/3252
摘要: A method of determining the integrity of a message exchanged between a pair of correspondents. The message is secured by embodying the message in a function of a public key derived from a private key selected by one of the correspondents. The method comprises first obtaining the public key. The public key is then subjected to at least one mathematical test to determine whether the public key satisfies predefined mathematical characteristics. Messages utilizing the public key are accepted if the public key satisfies the predefined mathematical characteristics.
-
公开(公告)号:US20110258455A1
公开(公告)日:2011-10-20
申请号:US13172138
申请日:2011-06-29
申请人: Donald B. Johnson , Scott A. Vanstone , Minghua Qu
发明人: Donald B. Johnson , Scott A. Vanstone , Minghua Qu
IPC分类号: H04L9/32
CPC分类号: H04L9/3247 , G06Q20/341 , G06Q20/40975 , G07F7/1008 , H04L9/3066 , H04L9/3252 , H04L2209/04
摘要: The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual EIGamal or ECDSA type signature verification.
摘要翻译: 本发明涉及在安全通信系统中使用公共密钥方案的数字签名操作,特别是与具有计算能力有限的处理器(例如“智能卡”)一起使用。 本发明描述了一种用于创建和认证数字签名的方法,包括以下步骤:选择第一会话参数k并生成从会话参数k导出的第一短期公钥,使用从第一数学函数导出的第一签名组件 短期公钥,选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件,并且不使用反向操作,使用第一和第二会话参数来计算第三签名组件 并将签名组件(s,r,c)作为掩蔽的数字签名发送到接收机计算机系统。 在接收机计算机系统中,通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s',以将签名组件(s',r)导出为未屏蔽的数字签名。 验证这些签名组件,如通常的EIGAMAL或ECDSA类型的签名验证。
-
公开(公告)号:US20100014663A1
公开(公告)日:2010-01-21
申请号:US12458468
申请日:2009-07-13
CPC分类号: H04L9/0844 , G06F7/725 , H04L9/0841 , H04L9/3066 , H04L9/3252
摘要: A method of determining the integrity of a message exchanged between a pair of correspondents. The message is secured by embodying the message in a function of a public key derived from a private key selected by one of the correspondents. The method comprises first obtaining the public key. The public key is then subjected to at least one mathematical test to determine whether the public key satisfies predefined mathematical characteristics. Messages utilizing the public key are accepted if the public key satisfies the predefined mathematical characteristics.
摘要翻译: 一种确定在一对记者之间交换的消息的完整性的方法。 通过将消息体现在由其中一个记者选择的私钥派生的公共密钥的功能中来保护消息。 该方法包括首先获得公钥。 然后对公钥进行至少一个数学测试,以确定公钥是否满足预定义的数学特性。 如果公钥满足预定义的数学特征,则接受使用公钥的消息。
-
公开(公告)号:US20090319790A1
公开(公告)日:2009-12-24
申请号:US12488652
申请日:2009-06-22
申请人: Donald B. Johnson , Scott A. Vanstone , Minghua Qu
发明人: Donald B. Johnson , Scott A. Vanstone , Minghua Qu
IPC分类号: H04L9/00
CPC分类号: H04L9/3247 , G06Q20/341 , G06Q20/40975 , G07F7/1008 , H04L9/3066 , H04L9/3252 , H04L2209/04
摘要: The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.
摘要翻译: 本发明涉及在安全通信系统中使用公共密钥方案的数字签名操作,特别是与具有计算能力有限的处理器(例如“智能卡”)一起使用。 本发明描述了一种用于创建和认证数字签名的方法,包括以下步骤:选择第一会话参数k并生成从会话参数k导出的第一短期公钥,使用从第一数学函数导出的第一签名组件 短期公钥,选择第二会话参数t并且使用第二会话参数t计算从第二数学函数导出的第二签名组件,并且不使用反向操作,使用第一和第二会话参数来计算第三签名组件 并将签名组件(s,r,c)作为掩蔽的数字签名发送到接收机计算机系统。 在接收机计算机系统中,通过将第三签名组件与第二签名组件组合来计算恢复的第二签名组件s',以将签名组件(s',r)导出为未屏蔽的数字签名。 验证这些签名组件,如通常的ElGamal或ECDSA类型签名验证。
-
公开(公告)号:US06279110B1
公开(公告)日:2001-08-21
申请号:US08966702
申请日:1997-11-10
申请人: Donald B. Johnson , Scott A. Vanstone , Minghua Qu
发明人: Donald B. Johnson , Scott A. Vanstone , Minghua Qu
IPC分类号: H04L930
CPC分类号: H04L9/3247 , G06Q20/341 , G06Q20/40975 , G07F7/1008 , H04L9/3066 , H04L9/3252 , H04L2209/04
摘要: The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.
摘要翻译: 本发明涉及在安全通信系统中使用公共密钥方案的数字签名操作,特别是与具有有限计算能力的处理器(例如“智能卡”一起使用)一起使用本发明描述了一种用于创建和认证数字签名的方法,包括步骤 选择第一会话参数k并生成从会话参数k导出的第一短期公钥,使用短期公钥计算从第一数学函数导出的第一签名组件r,选择第二会话参数t并计算 使用第二会话参数t从第二数学函数导出并且不使用反向操作的第二签名组件s,使用第一和第二会话参数来计算第三签名组件,并将签名组件(s,r,c)发送为蒙版 接收机计算机系统的数字签名 通过将第三签名组件与第二签名组件组合来导出恢复的第二签名组件s',以将签名组件(s',r)导出为未被屏蔽的数字签名。 验证这些签名组件,如通常的ElGamal或ECDSA类型签名验证。
-
公开(公告)号:US20130019099A1
公开(公告)日:2013-01-17
申请号:US13620758
申请日:2012-09-15
IPC分类号: H04L9/08
CPC分类号: H04L9/0844 , G06F7/725 , H04L9/0841 , H04L9/3066 , H04L9/3252
摘要: A method of determining the integrity of a message exchanged between a pair of correspondents. The message is secured by embodying the message in a function of a public key derived from a private key selected by one of the correspondents. The method comprises first obtaining the public key. The public key is then subjected to at least one mathematical test to determine whether the public key satisfies predefined mathematical characteristics. Messages utilizing the public key are accepted if the public key satisfies the predefined mathematical characteristics.
摘要翻译: 一种确定在一对记者之间交换的消息的完整性的方法。 通过将消息体现在由其中一个记者选择的私钥派生的公共密钥的功能中来保护消息。 该方法包括首先获得公钥。 然后对公钥进行至少一个数学测试,以确定公钥是否满足预定义的数学特性。 如果公钥满足预定义的数学特征,则接受使用公钥的消息。
-
-
-
-
-
-
-
-
-
搜索结果
65 条记录 (耗时 0.021 秒)
