EP1466304A1 - Cryptographic revocation method using a smart card - Google Patents

Cryptographic revocation method using a smart card

Info

Publication number
EP1466304A1
Authority
EP
European Patent Office
Prior art keywords
chip
calculation
entity
signature
list
Legal status
Withdrawn
Application number
EP03729506A
Other languages
English (en)
French (fr)
Inventor
Sébastien CANARD
Marc Girault
Jacques Traore
Current Assignee
Orange SA
Original Assignee
France Telecom SA
Application filed by France Telecom SA

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008 Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409 Device specific authentication in transaction processing
    • G06Q20/4097 Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975 Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/42 Anonymization, e.g. involving pseudonyms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • the present invention relates to the field of telecommunications and more particularly to the securing of transmissions, in particular for services, which uses cryptography.
  • To authenticate the origin of a document transmitted by telecommunication means, electronic signature mechanisms have been developed. It should be noted that the term transmission in electronic form is commonly used to describe the transmission of a document by telecommunication means.
  • the documents in question in the context of the invention must be presented in digital form as opposed to a presentation in paper form; the term message is used in the remainder of the application to designate this type of document.
  • the most common electronic signature mechanisms are based on so-called public key cryptography techniques which involve an entity called a trusted authority.
  • this trusted authority generates certificates on behalf of users of common public key processes; these certificates establish a link between a public key and the identity of the owner of this key.
  • the individual signing the message must first obtain certification from the trusted authority by communicating at least their public key and identity.
  • the signature method calculates an electronic signature of the message taking into account on the one hand the content of the message and on the other hand the private key of the individual.
  • the signatory transmits the message, the signature and his certificate to the recipient.
  • the recipient of the message verifies the electronic signature of the message using at least the public key and the content of the message.
  • For specific applications, such as electronic voting, electronic auctions or anonymous electronic payment, it is necessary to have an electronic signature known as anonymous.
  • An anonymous electronic signature has the same characteristics as an electronic signature except that the recipient cannot determine the identity of the signatory; the signatory remains anonymous. However, the recipient may apply to the trusted authority, which has, for example through the certificate, a means of lifting anonymity.
  • An anonymous group signature process allows each member of a group to produce an electronic signature that is characteristic of the group. The recipient of a message accompanied by an anonymous group signature can verify that the signature was produced by one of the group members. However, he cannot determine, among the various members of the group, the member in question.
  • a group is a set of individuals who declare themselves to an authority as belonging to the same group. During this declaration, each individual interacts with the trusted authority according to a determined protocol at the end of which the individual obtains a private key, associated with a group public key previously determined by the trusted authority, and the authority and the individual obtain an identifier of the individual associated with this private key. In the remainder of the application, each of these individuals is designated by the term member.
  • An example of such a protocol is described in the article by J. Camenisch and M. Michels, "Efficient group signature schemes for large groups", in B. Kaliski, editor, Advances in Cryptology - CRYPTO97, volume 1296 of LNCS, pages 410 to 424, Springer-Verlag, 1997.
  • the same interaction occurs when a new member arrives.
  • On the trusted authority's side, the existence of a group translates into the assignment to the group of a public key, called the group public key, and the assignment to each member of a private key associated with the public key, different for each member, and of an identifier.
  • a member can produce an anonymous group signature of a message of their choice. Any recipient can verify that this signature has been produced by one of the members of the group, provided that the group public key is used.
  • the recipient is certain that the signature has been produced, or not, by a member of the group, but he does not obtain any information on the identifier of this member; the signature is anonymous.
  • the recipient has the option of contacting the trusted authority, which can determine the identity of the signatory from the encrypted identifier, using a public key from the trusted authority, which accompanies the anonymous group signature.
  • the trusted authority can therefore lift anonymity at any time.
  • After being constituted with the trusted authority, a group can evolve. According to a first type of evolution, new individuals can become members of the group. According to a second type of evolution, members can disappear, either by the departure of an individual from the group, or by the exclusion of an individual from the group; for this type of evolution, we speak of revocation.
  • the trusted authority is faced with the problem of giving a member of the group, or withdrawing from a member, the means to produce an anonymous signature of the group.
  • the first problem posed, which lies in allocating the means to produce an anonymous signature of the group to a new member, is resolved by using one of the known public key / private key generation algorithms which make it possible to associate with the same public key as many private keys as necessary.
  • the recipient uses the determined elements and the quantified results to verify on the one hand that the divisions were correctly carried out and on the other hand that all the results are different from 1; that is, to ensure that the signature was produced by an unrevoked member.
  • the disadvantage of this method is that it generates an anonymous group signature whose length and calculation time increase in proportion to the number of revoked members, given that there are as many quantified results and determined elements as there are revoked members.
  • the trusted authority modifies the public ownership key and the renewal key.
  • Each remaining member of the group modifies their own private ownership key using the renewal key and checks its validity using the public ownership key.
  • the signatory member uses their private property key.
  • the recipient can verify the electronic signature using the public ownership key.
  • One of the objectives of the invention is to remedy the drawbacks of the known and previously described methods.
  • the subject of the invention is a cryptographic method implemented by a smart card of a set of smart cards each belonging to a first entity which can be different for each smart card, each smart card being equipped with a chip comprising a storage means in which a secret key and an identifier of the first entity owning the smart card are stored and comprising a calculation means in which is implemented a cryptography algorithm having as input arguments at least the secret key.
  • the cryptographic method according to the invention comprises the steps which consist:
  • the invention further relates to a smart card for the implementation of such a method.
  • the method according to the invention consists in the chip of the smart card prohibiting any cryptographic calculation implemented in the chip when the state of the owner of the smart card is set to revoked by the second entity. Otherwise, when the state of the owner of the smart card is set to not revoked, the chip authorizes the calculation.
  • the second entity, which is typically a trusted authority, updates a list of identifiers for each smart card owner whose status is revoked or not revoked. This list is stored by the second entity in a storage means connected to a telecommunications network. This means is accessible by the smart card via a smart card reader associated with a computer such as a personal computer, itself connected to the telecommunications network.
  • a member cannot perform a cryptographic calculation if he is revoked. If the cryptography algorithm implemented in the chip is an anonymous signature calculation algorithm, the owner of the smart card cannot sign a file using his smart card if he is revoked.
  • the method according to the invention can be carried out in a particular way; some embodiments are listed below in a non-exhaustive manner.
  • the list includes the identifiers of the revoked entities; in this case the list is said to be a black list.
  • the list includes the identifiers of the non-revoked entities; in this case the list is said to be a white list.
  • the list is signed by the second entity; the second entity calculates this signature using a signature algorithm.
  • This algorithm may be an asymmetric public key algorithm such as RSA, RSA being the initials of the inventors
  • the chip checks the validity of the signature.
  • the chip verifies the signature using the same asymmetric algorithm taking as argument the public key. This verification makes it possible to authenticate the list as a whole and therefore to verify its integrity.
  • each identifier in the list is associated with a count value, each set formed by the identifier and the associated count value being signed by the second entity; the list includes a value of the number of identifiers listed as well as the signature of this value.
  • Each signature is calculated in the same way as in the previous embodiment.
  • the chip checks the validity of each signature. This verification makes it possible to authenticate each identifier in the list, the associated count value and the value read from the number of identifiers.
  • the chip increments a counter each time an identifier is read, taking into account the count value associated with the identifier read, then it compares this counter to the authenticated value before any authorization for calculation by the chip. This comparison makes it possible to verify the integrity of the number of identifiers read.
  • FIG. 1 is a flow diagram of a cryptographic method according to the invention.
  • FIG. 2 is a flowchart of a first embodiment of a cryptographic method according to the invention.
  • FIG. 3 is a flow diagram of a second embodiment of a cryptographic method according to the invention.
  • FIG. 4 is a flow diagram of an example of implementation by a chip of the second embodiment of a cryptographic method according to the invention.
  • FIG. 5 is a diagram of a smart card according to the invention.
  • Detailed description of embodiments of the invention: FIG. 1 is a flow diagram of a cryptographic method according to the invention.
  • the method is implemented by a smart card of a set of smart cards each belonging to a first entity.
  • Each first entity typically a natural person, can be different for each smart card.
  • Each chip card is equipped with a chip which includes a storage means and a calculation means.
  • a secret key and an identifier of the first entity owning the smart card are stored in the storage means.
  • a cryptography algorithm having as input arguments at least the secret key is implemented in the calculation means.
  • This cryptography algorithm can just as easily be a group signature calculation algorithm, an encryption algorithm or a decryption algorithm.
  • the chip activates the calculation means which calculates an output data as a function of input arguments presented at the input of the cryptography algorithm.
  • Before any calculation 1 by the calculation means of the chip of the smart card, the method consists in the chip reading 2, in a storage means of a second entity, a list, in integral form, of identifiers of first entities owning a smart card. In a completely equivalent manner, the method can write in the chip a list read in the storage means of a second entity. In the following description, any read operation can be replaced in a completely equivalent manner by a write operation.
  • the list is linked to the state assigned to each of the first entities by the second entity; the state is set to revoked or not revoked by the second entity.
  • the list contains either the revoked first entities, in which case it is a black list, or the non-revoked first entities, in which case it is a white list.
  • the second entity stores this list in a storage means which is accessible via a telecommunications network. It can be a memory space on a server or on a mass memory for example.
  • the method then consists in the chip comparing 3 the identifier stored in the chip storage means with the content of the list. If, after the comparison, the chip finds that the first entity is revoked, then the chip prohibits 4 any calculation of the calculation means. On the other hand, if, after the comparison, the chip finds that the first entity is not revoked, then the chip authorizes any calculation of the calculation means.
  • the process is as follows.
  • the chip initializes a witness (flag) to one. It successively compares each identifier read with the identifier stored in the chip; if they are not identical the chip sets the witness to one, otherwise it sets the witness to zero. At the end of the comparison between each identifier read and the identifier stored in the chip, the chip prohibits any calculation of the calculation means if the witness is one. On the other hand, if the witness is at zero, the chip authorizes any calculation of the calculation means.
  • A first embodiment of a cryptographic method according to the invention is illustrated in FIG. 2. This embodiment includes the steps described with regard to FIG. 1, which are not described again, and the additional steps described below.
  • the chip also reads 10, along with the list and in the same memory area, a signature of this list.
  • the signature is calculated beforehand by a means of calculating the second entity.
  • the chip checks 11 the validity of the signature to authenticate the list and to check its integrity. If the signature is not valid, the chip prohibits 4 any calculation of the calculation means, otherwise it authorizes the calculation.
  • A second embodiment of a cryptographic method according to the invention is illustrated in FIG. 3. This embodiment includes the steps described with reference to FIG. 1, which are not described again, and the additional steps described below.
  • the chip reads 12, 13, 14 in addition, at the same time as the list and in the same memory area, a count value associated with each identifier, a signature for each set composed of an identifier of this list and of an associated count value, the value of the number of identifiers of this list as well as a signature of this value.
  • the signature of each identifier and its associated count value, the value of the number of identifiers and the signature of this value are calculated beforehand by a calculation means of the second entity and stored in the same memory area as the list.
  • the chip increments a counter on each reading by the chip of an identifier taking into account the count value associated with the identifier, in order to count the number of identifiers.
  • the chip checks 16, 17 the validity of each of the signatures to respectively authenticate each identifier of the list and the number of identifiers. If one of the signatures is not valid, the chip prohibits the calculation. After reading the list of identifiers, the chip compares 18 the value of its counter with the value read of the number of identifiers. If these values are different, the chip prohibits 4 any calculation of the calculation means. If these values are identical, the chip checks 17 the validity of the signature of the value of the number of identifiers. FIG.
  • the chip initializes 19 a witness to one and a counter to zero.
  • the chip reads an identifier from the list and the associated count value, reads their signature and increments the counter.
  • the chip compares the witness to zero. If the witness is other than zero, the chip compares the identifier read with the identifier stored in the chip; if they are not identical, the chip sets 23 the witness to one, otherwise it sets 24 the witness to zero.
  • the chip checks the validity of the signature of the assembly composed of the identifier read and of the associated count value.
  • If the signature is not valid, the chip prohibits 4 any calculation of the calculation means. However, if the signature is valid, the chip waits for the next identifier or 26, if there is no more identifier in the list, the chip reads 27 the value of the number of identifiers and its signature. The chip compares 18 the value of the number of identifiers with the value of its counter. If these values are different, the chip prohibits 4 any calculation of the calculation means, otherwise the chip checks 17 the validity of the signature of the value of the number read. If the signature is not valid, the chip prohibits 4 any calculation of the calculation means. On the other hand, if the signature is valid, the chip tests 28 the value of the number of identifiers. If the witness is different from one, the chip prohibits 4 any calculation of the calculation means; the member is revoked. Otherwise, the chip authorizes any calculation of the calculation means.
  • FIG. 5 schematically illustrates a smart card according to the invention.
  • the chip card 30 is equipped with a chip 31 which comprises at least one means
  • the storage means 32 stores a secret key and an identifier of a first entity owning the smart card.
  • in the calculation means 33 is implemented a cryptography algorithm having as input arguments at least the secret key.
  • the calculation means 33 is linked to the storage means 32.
  • the reading means 34 makes it possible to read a list of identifiers in the storage means of a second entity, via a telecommunications network.
  • the reading means 34 transmits the data read to the calculation means 33 and/or to the authorization means 35 via links with each of these means.
  • the authorization means 35 authorizes any calculation by the calculation means 33 as a function of the result of a comparison between the identifier and the content of the list. Such a smart card allows the implementation of a method according to the invention.
  • a first application of a method according to the invention is electronic voting.
  • Electronic voting takes place in two phases:
  • registration on an electoral list with an administrative authority;
  • a voting operation with a ballot box connected via a communication network to a server of a voting administration.
  • the voter obtains a personal private key and a private group key in a smart card.
  • the anonymous signature that the voter can produce by means of his smart card, and from his personal private key, is said to be "correlable". This means that, in the event that the voter attempts to anonymously sign a second ballot by producing an anonymous signature, that ballot will be rejected by the ballot box. Indeed, the anonymous signature being correlable, the ballot box is able to verify that it is a second anonymous signature.
  • a malicious voter cannot claim to have lost their group private key, receive another, and be able to vote twice. Indeed, the implementation of a method according to the invention makes it possible to prohibit the use of the first group private key; this group private key is updated when he declares having lost the first group private key. This loss is managed by the implementation of a process according to the invention such as a revocation of the member.
  • a second application of a method according to the invention is an electronic auction service. The auctions involve three protagonists: an auction server, a trusted authority and a client. All of the customers form a group called the group of people. A user wishing to register with the group of clients must contact the trusted authority which provides him with his personal private key in a smart card. He thus obtains the right to produce an anonymous group signature.
  • each member of the group of bids can bid by signing a message containing in particular the product put up for sale and the amount of its bid.
  • the auction server can verify group membership and therefore the validity of the auction by verifying the anonymous group signature.
  • the winner is the one who gives the last bid before the auction.
  • the last message received by the auction server is therefore that of the winner.
  • the server then addresses this message and the corresponding anonymous group signature to the trusted authority, which is the only one capable of lifting anonymity and therefore of determining the physical identity of the buyer of the product being auctioned.
  • the auctions involve dynamic groups: new people can join the group every day, a member can leave the group or be excluded for fraud at any time. It is therefore essential to set up a revocation system to prevent a revoked member from being able to use their signature fraudulently. Indeed, the revoked member could continue to use his key to participate in the auctions and distort the smooth running of the latter for example by raising the amount. And, if he takes care to withdraw early enough from the process so as not to win the auction in question, then this fraud is not detected since only the identity of the winner is finally revealed.
  • the implementation of a method according to the invention makes it possible to solve the problem of revocation of one or more members of the group.
  • a third application of a method according to the invention is electronic payment.
  • It involves four protagonists: a client, a merchant, a bank and a trusted authority.
  • Each customer must be identified by the system and obtain a private group key stored in a smart card, before being able to make their first transaction.
  • To make a payment the customer must withdraw electronic documents from his bank.
  • the coins he removes are anonymous thanks to the use of a mechanism known as blind signature.
  • the expenditure of a C-piece at a merchant is done as follows: the customer generates by means of his smart card a group signature relating to C-pieces and transmits the signature and C-pieces to the merchant.
  • the merchant verifies the signature of the bank attached to each piece C and verifies the group signature.
  • the merchant accepts the transaction.
  • the merchant forwards to his bank the signatures and the documents received in payment for transfer to his account.
  • the bank sends the group signature relating to the document in question to the trusted authority so that it identifies the undecided customer and sanctions the offender.
  • a reliable mechanism for revoking compromised keys is necessary in order to avoid fraud of the following type: a dishonest customer reports to the trusted authority the loss of his private key s and then declines any responsibility for the frauds which could be committed with s. The client gives his key to his accomplice, who can then use s to sign the coins c that he has legitimately withdrawn from the bank, then spend them as many times as he wishes.
  • a method according to the invention makes it possible to solve the problem of revoking the keys s.
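
The FIG. 4 flow of the second embodiment, as an added Python example that is not part of the patent text. Assumptions: the list is read as a black list (a witness still at one after the scan means not revoked), each count value is taken to be the entry's 1-based position, and the authority's signature is a toy RSA-with-SHA-256 construction over constructed keys standing in for the asymmetric algorithm the description mentions; all function and field names are hypothetical.

```python
import hashlib
import json

# Constructed toy RSA key pair for the second entity (trusted authority).
# Two Mersenne primes give a 216-bit modulus: enough for a demo, not for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key: the only key the chip holds
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, kept by the authority


def _digest(fields):
    """Hash an unambiguous JSON encoding of the signed fields to an integer < N."""
    data = json.dumps(fields, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def authority_sign(fields):
    return pow(_digest(fields), D, N)


def chip_verify(signature, fields):
    return pow(signature, E, N) == _digest(fields)


def publish_blacklist(revoked_ids):
    """Authority side: sign each (identifier, count value) set and the total."""
    entries = [
        {"id": ident, "count": pos, "sig": authority_sign(["entry", ident, pos])}
        for pos, ident in enumerate(revoked_ids, start=1)
    ]
    total = len(entries)
    return {"entries": entries, "total": total,
            "total_sig": authority_sign(["total", total])}


def chip_authorizes(own_id, published):
    """Chip side: True only if every check passes and own_id is not on the list."""
    witness, counter = 1, 0                        # step 19
    for entry in published["entries"]:
        counter += 1                               # one increment per identifier read
        if entry["count"] != counter:              # assumed role of the count value
            return False                           # step 4: prohibit
        if witness != 0:                           # steps 23/24: latch a match at zero
            witness = 0 if entry["id"] == own_id else 1
        if not chip_verify(entry["sig"], ["entry", entry["id"], entry["count"]]):
            return False                           # step 4: prohibit
    if published["total"] != counter:              # step 18: counter vs. signed total
        return False
    if not chip_verify(published["total_sig"], ["total", published["total"]]):
        return False                               # step 17: signature of the total
    return witness == 1                            # step 28: witness still at one


def demo():
    """Run the chip against a constructed list and four tampered copies of it."""
    pub = publish_blacklist(["card-0007", "card-0042", "card-0099"])
    entries = pub["entries"]
    dropped = dict(pub, entries=[e for e in entries if e["id"] != "card-0042"])
    truncated = dict(pub, entries=entries[:2])
    shrunk = dict(truncated, total=2)              # total rewritten, old signature kept
    forged = dict(pub, entries=[dict(entries[0], id="card-0001")] + entries[1:])
    return {
        "not_listed": chip_authorizes("card-0001", pub),
        "listed": chip_authorizes("card-0042", pub),
        "entry_dropped": chip_authorizes("card-0042", dropped),
        "tail_truncated": chip_authorizes("card-0099", truncated),
        "total_rewritten": chip_authorizes("card-0099", shrunk),
        "entry_forged": chip_authorizes("card-0007", forged),
    }


if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case:16s} -> {'authorize' if allowed else 'prohibit'}")
```

The tampered cases show why the per-entry signature alone is not enough: removing entries leaves every remaining signature valid, and it is the signed total compared with the chip's own counter that makes the chip refuse.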
EP03729506A 2002-01-17 2003-01-15 Cryptographic revocation method using a smart card Withdrawn EP1466304A1 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR0200569 2002-01-17
FR0200569A FR2834841B1 (fr) 2002-01-17 2002-01-17 Cryptographic revocation method using a smart card
PCT/FR2003/000112 WO2003060841A1 (fr) 2003-01-15 2003-01-15 Cryptographic revocation method using a smart card

Publications (1)

Publication Number Publication Date
EP1466304A1 (de) 2004-10-13

Family

ID=8871337

Family Applications (1)

Application Number Title Priority Date Filing Date
EP03729506A Withdrawn EP1466304A1 (de) 2002-01-17 2003-01-15 Cryptographic revocation method using a smart card

Country Status (5)

Country Link
US (1) US7356842B2 (de)
EP (1) EP1466304A1 (de)
AU (1) AU2003215703A1 (de)
FR (1) FR2834841B1 (de)
WO (1) WO2003060841A1 (de)


Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO03060841A1 *

Also Published As

Publication number Publication date
AU2003215703A1 (en) 2003-07-30
US7356842B2 (en) 2008-04-08
US20050097336A1 (en) 2005-05-05
FR2834841A1 (fr) 2003-07-18
FR2834841B1 (fr) 2004-05-28
WO2003060841A1 (fr) 2003-07-24

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20040714

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PT SE SI SK TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 9/32 20060101AFI20101103BHEP

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20110427