WO2013090881A1 - Combined digital certificate - Google Patents

Combined digital certificate Download PDF

Info

Publication number
WO2013090881A1
WO2013090881A1 PCT/US2012/070014 US2012070014W WO2013090881A1 WO 2013090881 A1 WO2013090881 A1 WO 2013090881A1 US 2012070014 W US2012070014 W US 2012070014W WO 2013090881 A1 WO2013090881 A1 WO 2013090881A1
Authority
WO
WIPO (PCT)
Prior art keywords
certificate
computer
authorities
private key
digital certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2012/070014
Other languages
English (en)
French (fr)
Inventor
Eric Thierry PEETERS
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Texas Instruments Japan Ltd
Texas Instruments Inc
Original Assignee
Texas Instruments Japan Ltd
Texas Instruments Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Texas Instruments Japan Ltd, Texas Instruments Inc filed Critical Texas Instruments Japan Ltd
Priority to JP2014547543A priority Critical patent/JP6043804B2/ja
Priority to CN201280062244.1A priority patent/CN104012036B/zh
Publication of WO2013090881A1 publication Critical patent/WO2013090881A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Definitions

  • This relates to digital certificates in general and, more particularly, to apparatus and methods for generating combined digital certificates.
  • Public-key cryptography refers to a cryptographic system requiring two separate keys, one to lock or encrypt plaintext, and one to unlock or decrypt cyphertext. One of these keys is published or public (a public key) and the other is kept private (a private key). If the lock/encryption key is the one published then the system enables private communication from the public to the unlocking key's owner. If the unlock/decryption key is the one published then the system serves as a signature verifier of documents locked by the owner of the private key.
  • a public-key cryptosystem can be employed in various schemes for providing confidentiality, integrity, authentication or non-repudiation function. Non-repudiation or authentication can be achieved through a digital certificate such as a public key digital certificate.
  • a public key digital certificate can include two parts: the data and a signature of the data. The data can include the public-key and a unique identifier of a subscriber to a trusted third party: the certificate authority (CA).
  • CA certificate authority
  • a signature of the CA on the subscriber's public-key conveys an authentic binding between the subscriber public key and the subscriber's identity (ID).
  • One example relates to a system that can comprise a memory to store computer readable instructions and a processing unit to access the memory and to execute the computer readable instructions.
  • the computer readable instructions can comprise a certificate manager configured to request generation of N number of random values, where N is an integer greater than or equal to one.
  • the certificate manager can also be configured to request a digital certificate from at least one certificate authority of at least two certificate authorities. The request can include a given one of the N number of random values.
  • the certificate manager can also be configured to generate a private key of a public-private key pair, wherein the private key is generated based on a private key of each of the at least two certificate authorities.
  • Another example relates to a method for generating a combined digital certificate.
  • the method can comprise generating, at a computer, N number of values at a computer, wherein N is an integer greater than or equal to two.
  • the method can also comprise, providing, from the computer, a request that includes a given one of the N number of random values to a
  • the method can further comprise receiving, at the computer, a digital certificate from each of the N number of certificate authorities.
  • the method can still further comprise generating, at the computer, a private key for the computer based on a combination of data received from each of the N number of certificate authorities.
  • the method can yet further comprise generating, at the computer, a combined digital certificate based on a combination of each digital certificate received from each of the N number of certificate authorities.
  • the method can comprise generating, at a computer, a random value.
  • the method can also comprise providing, from the computer, the random value to a first of two certificate authorities.
  • the method can further comprise receiving, at the computer, a digital certificate from a second of the two certificate authorities.
  • the digital certificate can be based on a digital certificate generated at the first certificate authority.
  • the method can still further comprise generating, at the computer, a private key for the computer based on a number from each of the two certificate authorities.
  • the method can yet further comprise generating, at the computer, a combined digital certificate based on data included in the digital certificate received at the computer.
  • FIG. 1 illustrates an example of a system for generating a combined digital certificate.
  • FIGS. 2 A and 2B illustrate a flowchart of an example method for generating a combined digital certificate.
  • FIGS. 3A and 3B illustrate another flowchart of an example method for generating a combined digital certificate.
  • FIG. 4 illustrates another example of a system for generating a combined digital certificate.
  • a computer such as a crypto processor can be employed to generate and manage a combined digital certificate.
  • the combined digital certificate can include data for generating a public key that is generated based on data received from multiple certificate authorities.
  • the computer can also generate a corresponding private key, which shall be stored separately (and securely) from the combined digital certificate.
  • the private key can also be based on data provided from multiple certificate authorities. In this manner, even if an unauthorized user (e.g., a hacker) compromises one of the multiple certificate authorities, such an unauthorized user would be unable to determine the private key.
  • FIG. 1 illustrates an example of a system 2 for generating and managing a combined digital certificate 3.
  • the combined digital certificate 3 can be generated by employing any discrete logarithm public key system, such as, but not limited to El-Gamal Signature, Schnorr Signature, Digital Secure Algorithm (DSA) or a variation thereof. Any of those schemes can use Elliptic curve cryptography (ECC) which provides inherently low memory and computation requirements.
  • the system 2 can include, for example, a computer 4 that includes a memory 6 for storing machine readable instructions.
  • the computer 4 could be implemented, for example, as a crypto processor, an application specific integrated circuit chip (ASIC), a smart card, a smart phone, a desktop computer, a notebook computer or the like.
  • ASIC application specific integrated circuit chip
  • the memory 6 could be implemented, for example, as a non-transitory computer readable medium, such as random access memory (RAM), flash memory, a hard drive, etc. Some portions of the memory 6 can be accessed by external systems upon request. However, in some examples, some portions of the memory 6 can be secure and only accessible by internal components of the computer 4.
  • the computer 4 can also include a processing unit 8 for accessing the memory 6 and executing the machine readable instructions.
  • the processing unit 8 could be implemented, for example, as a processor core.
  • the memory 6 can include a certificate manager 10 that can generate, modify and/or manage the combined digital certificate 3, which combined digital certificate 3, can also be stored in the memory 6. It is to be understood that in other examples, the certificate manager 10 could be stored on another system, such as an external system, such as a server or a host system, such a smart phone or other device that houses the computer 4.
  • the certificate manager 10 can initiate a generation of the combined digital certificate 3 in response to a condition being met. For instance, if the computer 4 is implemented as a crypto processor, the certificate manager 10 could initiate the generation of the digital certificate in response to an activation request from another system. In other examples, the certificate manager 10 could initiate the generation of the combined digital certificate 3 in response to user input.
  • the computer 4 can communicate with N number of certificate authorities 12 over a network 14, where N is an integer greater than or equal to two.
  • the network 14 could be implemented, for example, as a public network (e.g., the Internet), a private network, or the like.
  • Each certificate authority 12 of the N number of certificate authorities 12 can be implemented as a system that issues digital certificates.
  • the digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (third parties) to rely upon signatures or assertions made by a private key that corresponds to the public key that is certified.
  • each of the 1-N certificate authorities 12 is a trusted third party that is trusted by both the subject (owner) of the certificate and the third party relying upon the certificate.
  • the certificate manager 10 in response to initiation of the generation of the combined digital certificate 3, can request that N number of random numbers be generated by the processing unit 8, which random numbers can be referred to as "rl ...rN.” It is noted that in some examples, the certificate manager 10, can provide separate requests over a relatively large period of time for generation of the random numbers. For instance, the certificate manager 10 can be configured to request generation of rl at a time of manufacture. Additionally, the certificate manager 10 can be configured to request generation of r2-rN after delivery of the computer 4 to a customer site. As one example, the computer 4 can be embedded with rl and can be configured to request generation of r2-rN upon activation at the customer site.
  • the certificate manager 10 can send rl (or a multiple thereof) to certificate authority 1.
  • the certificate authority 1 can return a digital certificate 1 which can include data for generating a public key for the computer 4, wherein the public key is associated with the certificate authority 1.
  • the certificate authority 1 can also include data, such as an integer for generating a private key that corresponds to the public key associated with the certificate authority 1. It is noted that in some examples, the digital certificate 1 and the data for generating the private key and public key associated with the certificate authority 1 can be embedded into the computer 4 at a time of manufacture of the computer 4. Additionally, the certificate manager 10 can send r2...rN to a corresponding certificate authority 12 of each of the 2-N certificate authorities 12.
  • each of the 2-N certificate authorities 12 can provide the computer 4 with a corresponding digital certificate, and data for generating a public key and corresponding private key for the computer 4, which can be associated with a corresponding 2-N certificate authority 12, which data can be referred to as certificate data.
  • the certificate manager 10 and/or the processing unit 8 can employ the certificate data provided by each of the 1-N certificate authorities 12 to generate a private key for the computer 4, which private key can be referred to as SKey 16.
  • the certificate manager 10 can also provide public key data 18 that is based on the digital certificates 1-N for generating a public key for the computer 4 that corresponds to Skey 16, which can be referred to as PKey.
  • the public key data 18 can be provided to a third party.
  • the public key data 18 can be known by the third party through other methods (e.g., a registration service).
  • the certificate manager 10 can also generate the combination certificate 3 that can include the public key data 18.
  • the combination certificate 3 can also include data for identifying each of the 1-N certificate authorities 12. By employing this technique, the certificate manager 10 can generate the combined digital certificate 3 that is based on digital certificates provided by each of the 1-N certificate authorities 12. Moreover, by employing this technique, none of the 1-N certificate authorities 12 need to communicate with each other.
  • the certificate manager 10 can request that one random number be generated by the processing unit 8, which random number can be referred to as rl .
  • the certificate manager 10 can send rl to certificate authority 1.
  • the certificate authority 1 can generate a digital certificate 1 and data (e.g., an integer) for generating a public key and corresponding private key for the computer 4.
  • the certificate authority 1 can forward the data for generating the private key to the computer 4 and forward the digital certificate 1 to a certificate authority 2, wherein the private key is associated with certificate authority 1.
  • the certificate authority 2 can authenticate the certificate authority 1 to ensure that the digital certificate 1 originated from certificate authority 1 and not from an unauthorized source (e.g., a hacker).
  • Certificate authority 2 can generate a digital certificate 2 based on the digital certificate 1 and forward the digital certificate 2 to the certificate manager 10, which digital certificate can include public key data 18 for generating a PKey associated with both certificate authority 1 and certificate authority 2.
  • the certificate authority 2 can also provide data (e.g., an integer) for generating a private key associated with the certificate authority 2.
  • the certificate manager 10 and/or the processing unit 8 can generate an SKey 16 based on data provided from the certificate authority 1 and the certificate authority 2, wherein the SKey 16 corresponds to the PKey .
  • the certificate manager 10 and/or the processing unit 8 can also generate the combined digital certificate 3 based on the digital certificate 2.
  • the combined certificate 3 can include the public key data 18 which can be employed to generate the PKey.
  • the size of the combined certificate can be reduced, which can save memory.
  • the combined digital certificate 3 can be based on data provided by 1-N certificate authorities 12. In the first technique, even if an unauthorized user (e.g., a hacker) gains access to any one of the 1-N certificate authorities 12, the combined digital certificate 3 would not be compromised. In fact, to compromise the security of the combined digital certificate 3, such an unauthorized user would need to compromise to all of the 1-N certificate authorities 12. In the second technique, since the certificate authority 1 is
  • FIGS. 2A, 2B, 3A and 3B example methodologies will be better appreciated with reference to FIGS. 2A, 2B, 3A and 3B. While, for purposes of simplicity of explanation, the example methods of FIGS. 2A, 2B, 3A and 3B are shown and described as executing serially, the present examples are not limited by the illustrated order, as some actions could in other examples occur in different orders and/or concurrently from that shown and described herein.
  • FIGS. 2A and 2B illustrate an example flowchart of an example method 200 that could be employed to generate a combined digital certificate, such as the combined digital certificate 3 illustrated in FIG. 1.
  • certificate generation can be initiated.
  • the certificate initiation could be initiated, for example, by a certificate manager, such as the certificate manager 10 illustrated in FIG. 1.
  • the certificate manager could be executing on a computer, such as a crypto processor.
  • the combined certificate can be generated by employing techniques from ECC. However, other cryptographic techniques could additionally or alternatively be employed.
  • ECC points along a curve E can define a finite field.
  • Equation 1 can define the finite field employed for the method 200.
  • Equations 2 and 3 can represent a relationship between n, P and Q.
  • N number of random numbers can be generated, for example, by a processing unit, such as the processing unit 8 illustrated in FIG. 1.
  • Each of the N number of random numbers can be calculated as points on the curve E.
  • the processing unit can generate a random number, r;, where i is an integer between 1 and N.
  • the processing unit can employ elliptic curve point multiplication to calculate rj.G, where G is a number points on the curve E defined at a generator point G such that r;.G is a point on the curve E.
  • the certificate manager can provide a random number r; to a corresponding certificate authority i, which certificate authority i could be implemented as one of the 1-N certificate authorities 12 illustrated in FIG. 1.
  • Equation 4 can depict the relationship between CcAi and QcAi- It is noted that Equation 4 denotes elliptic curve multiplication.
  • each certificate authority i can assign a different identity number (e.g., a unique ID).
  • each identity number could be implemented as the sum of each identity number attributed by each of the N number of certificate authorities Alternatively, a given one of the certificate authorities i can have on a unique identity number shared by the other certificate authorities i.
  • certificate authority i can calculate ki.G, where ki is a random number within the interval [1, n-1].
  • the certificate authority i can employ Equation 5 to calculate Pi. It is noted that Equation 5 denotes elliptic curve addition.
  • certificate authority i can employ Equation 6 to calculate e;.
  • H is a one way hash function
  • P is the resulting point of the elliptic curve addition given in Equation 5
  • ID is a unique identifier for the computer.
  • the certificate authority i can employ Equation 7 or alternatively Equation
  • the certificate authority i can provide a digital certificate i and other data to the certificate manager, such that at least Pi, s; and e; are provided to the certificate manager.
  • a determination can be made as to whether i is less than or equal to N. If the
  • the method 200 can proceed to 300. If the determination is negative (e.g., NO), the method can proceed to 310 (FIG. 2B). At 300, the value of i can be increased by one and the method can return to 230.
  • the certificate manager can calculate a private key for the associated computer, which private key can be denoted as "SKey.”
  • SKey can be stored, for example, in a secure memory of the computer.
  • Equation 7 is employed to calculate s;
  • the certificate manager can employ Equation 9 to calculate SKey.
  • Equation 8 is employed to calculate s;
  • the certificate manager can employ Equation 10 to calculate SKey.
  • the certificate manager can determine public key data that can be employed (e.g., by a third party) to calculate a public key corresponding to SKey for the associated computer, which public key can be denoted as "PKey.”
  • the public key data can include the Pi provided from each certificate authority i.
  • the third party can employ the public key data to derive PKey.
  • PKey can be based on QCA, which can be implemented as the sum of each QcAi received from the 1-N certificate authorities.
  • the third party can employ Equations 12 and 13 to compute PKey.
  • the combined digital certificate can be generated.
  • the combined digital certificate can identify each certificate authority i employed to generate the combined digital certificate.
  • the combined digital certificate can include the public key data.
  • FIGS. 3A and 3B illustrate an example flowchart of another example of a method
  • certificate generation can be initiated.
  • the certificate initiation could be initiated, for example, by a certificate manager, such as the certificate manager 10 illustrated in FIG. 1.
  • the certificate manager could be executing on a computer, such as a crypto processor.
  • the combined digital certificate can be generated by employing techniques from ECC.
  • ECC electronic code
  • Equation 1 can be employed to define a finite field for the method 400.
  • an elliptical curve E can have a finite number of points 'n'.
  • points P and Q can be points on the curve E.
  • Equations 2 and 3 can define a relationship between n, P and Q.
  • a random number can be generated, for example, by a processing unit, such as the processing unit 8 illustrated in FIG. 1.
  • the random number can be calculated as a point on the curve E.
  • the processing unit can generate a random number, r.
  • the processing unit can employ elliptic curve point multiplication to calculate r.G, where G is a number of points on the curve E defined at a generator point G such that r.G is a point on the curve E.
  • the certificate manager can provide the random number r.G to a certificate authority 1 , which certificate authority i could be implemented as the certificate authority 1 illustrated in FIG. 1.
  • the certificate authority 1 can have a private key, which private key can be referred to as CCAI and a public key denoted as QCAI- In such a situation, Equation 4 can depict the relationship between CCAI and QCAI-
  • certificate authority 1 can calculate ki.G, where ki is a random number within the interval [1, n-1].
  • the certificate authority 1 can employ Equation 5 to calculate Pi.
  • the certificate authority 1 can provide the certificate manager with data that includes at least si.
  • certificate authority 1 can be authenticated by a certificate authority 2. Such an authentication can ensure that data provided from certificate authority 1 did in fact originate from certificate authority 1 and not from an unauthorized source (e.g., a hacker).
  • the certificate authority 1 can provide the certificate authority 2 with Pi and Si .
  • the certificate authority 2 can calculate k 2 .G, where k 2 is a random number within the interval [1, n-1].
  • the certificate authority 2 can employ Equation 15 to calculate P. It is noted that Equation 15 employs elliptical point multiplication.
  • the certificate authority 2 can employ Equation 16 to calculate e.
  • H is a one-way hash function
  • ID is a unique identifier for the computer.
  • the certificate authority 2 can calculate s 2 .
  • the certificate authority 2 can employ Equation 17 to calculate s 2 .
  • the certificate authority can provide the certificate manager with a digital certificate that includes at least P (Equation 15). Additionally, the certificate authority can provide the certificate manager with s 2 .
  • the certificate manager and/or the processing unit can determine public key data that can be employed to generate a public key for the associated computer, which public key can be denoted as "PKey.”
  • the public key data can include the P received from certificate authority 2.
  • a third party can employ the public key data to calculate PKey. For instance, in examples where Equation 18 is employed to calculate SKey, the third party can employ Equations 19 and 20 to calculate PKey.
  • the certificate manager can generate and store the combined digital certificate.
  • the combined digital certificate can include the public key data.
  • FIG. 4 illustrates another example of a system 600 for generating and managing a combined digital certificate 602.
  • the system 600 can include a host computer 604 with a crypto processor 606 stored thereon.
  • the crypto processor 606 could be implemented, in a manner similar to the computer 4 illustrated in FIG. 1.
  • the crypto processor 606 could be implemented as a dedicated computer on a chip or microprocessor for carrying out cryptographic operations, embedded in a packaging with multiple physical security measures, thereby providing the crypto processor 606 with a degree of tamper resistance.
  • the crypto processor 606 could be implemented as a trusted platform module (TPM).
  • TPM trusted platform module
  • the host computer 604 can include a memory 607 (e.g., a non-transitory computer readable medium, such as RAM, flash memory, a hard drive or the like) for storing machine-readable instructions.
  • the host computer 604 can also include a processing unit 608 to access the memory 607 and execute the machine -readable instructions.
  • the processing unit 608 can include a processor core.
  • the host computer 604 could be implemented as a smart phone, a desktop computer, a laptop computer, a server or the like.
  • the host computer 604 can communicate with N number of certificate authorities
  • Certificate authority 1 can be implemented as a computer, such as a trusted issuer of digital certificates.
  • Certificate authority 1 can include a memory 614 for storing machine-readable instructions.
  • the memory 614 could be implemented, for example, as RAM, flash memory, a hard drive or the like.
  • the certificate authority 1 can also include a processing unit 618 for accessing the memory 614 and executing machine readable instructions.
  • the memory 614 can include a private key, CCAI 620 for the certificate authority 1.
  • the certificate authority 1 can also include a public key, QCAI 622 for the certificate authority 1.
  • the memory 607 of the host computer 604 can include a certificate manager 616 that can initiate generation of the combined digital certificate 602. Initiation of the generation of the combined digital certificate 602 can be in response to user input. In response to initiation of the generation of the combined digital certificate 602, the certificate manager 616 can request that the crypto processor 606 generate one or more random numbers, such as described with respect to FIGS. 2A, 2B, 3A and 3B.
  • the certificate manager 616 can receive at least K digital certificates 624 from 1-N certificate authorities 610, where K is an integer greater than or equal to one, as well as data from each of the 1-N certificate authorities 610 (e.g., Si ...s n ).
  • the certificate manager 616 can provide the crypto processor 606 with data (e.g., certificate data) to generate a private key (SKey) 626 and public key data 628 for generating a corresponding public key (PKey) 629 for the crypto processor 606 based on data provided from the 1-N certificate authorities 610 (e.g., Si ...s n and Pi ...P n ).
  • the crypto processor 606 can employ the data provided by the certificate manager 616 to generate the combined certificate 602
  • the combined certificate 602 can include the public key data 628.
  • the combined certificate 602 can include, for example, an identification of each of the N number of certificate authorities 610 on which the combined digital certificate 602 is based.
  • the host computer 604 can employ the combined certificate to digitally sign a document 630.
  • the certificate manager 616 can provide the document 630 to the crypto processor 606 along with a request for the digital signature 632.
  • the crypto processor 606 can employ a digest algorithm to create a digest comprised of a portion of the document 630.
  • the crypto processor 606 can employ the SKey 626 to sign the digest of the document 630, which signed digest can be the digital signature 632.
  • a third-party 634 (e.g., a computer system) can request the document 630.
  • the document 630, the combined certificate 602 along with the digital signature 632 and a public key (Qc A i) of a given certificate authority 610 of the N number of certificate authorities 610 can be provided to the third-party 634.
  • the combined certificate can also include the digest algorithm employed for calculating the digest of the document 630.
  • the third party 634 can generate PKey 629 based on the public key data 628.
  • the third-party 634 can communicate with the given certificate authority 610 to validate the public key (Qc A i) of the given certificate authority 610. In this manner, the third- party 634 can trust that PKey 629 was generated based on the private key (cc A i) of the given certificate authority 610. Additionally, the third-party 634 can employ the digest algorithm to regenerate the digest of the document 630. The third-party 634 can verify the digital signature 632 with the PKey 629 included in the combined digital certificate 602, which can result in a verified digest. The third party 634 can compare the regenerated digital digest with the verified digest to ensure that the document 630 was signed by the crypto processor 606 and that the document 630 had not changed since the digital signature 632 for the document 630 was generated.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
PCT/US2012/070014 2011-12-15 2012-12-17 Combined digital certificate Ceased WO2013090881A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2014547543A JP6043804B2 (ja) 2011-12-15 2012-12-17 組み合わされたデジタル証明書
CN201280062244.1A CN104012036B (zh) 2011-12-15 2012-12-17 组合式数字证书

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/326,837 2011-12-15
US13/326,837 US8793485B2 (en) 2011-12-15 2011-12-15 Combined digital certificate

Publications (1)

Publication Number Publication Date
WO2013090881A1 true WO2013090881A1 (en) 2013-06-20

Family

ID=48611461

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2012/070014 Ceased WO2013090881A1 (en) 2011-12-15 2012-12-17 Combined digital certificate

Country Status (4)

Country Link
US (2) US8793485B2 (enExample)
JP (1) JP6043804B2 (enExample)
CN (1) CN104012036B (enExample)
WO (1) WO2013090881A1 (enExample)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9055059B1 (en) * 2009-12-16 2015-06-09 Symantec Corporation Combining multiple digital certificates
US8364954B2 (en) 2009-12-16 2013-01-29 Symantec Corporation Method and system for provisioning multiple digital certificates
US8375204B2 (en) 2009-12-16 2013-02-12 Symantec Corporation Method and system to combine multiple digital certificates using the subject alternative name extension
US10171452B2 (en) * 2016-03-31 2019-01-01 International Business Machines Corporation Server authentication using multiple authentication chains
US9660978B1 (en) * 2016-08-08 2017-05-23 ISARA Corporation Using a digital certificate with multiple cryptosystems
US11184180B2 (en) * 2018-02-05 2021-11-23 Lg Electronics, Inc. Cryptographic methods and systems using blinded activation codes for digital certificate revocation
US10425401B1 (en) 2018-10-31 2019-09-24 ISARA Corporation Extensions for using a digital certificate with multiple cryptosystems
KR102435056B1 (ko) * 2019-08-26 2022-08-22 (주)라닉스 확장함수를 이용한 복수의 인증서 발급 시스템 및 그 발급 방법
US20230254300A1 (en) * 2022-02-04 2023-08-10 Meta Platforms Technologies, Llc Authentication of avatars for immersive reality applications

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020184491A1 (en) * 2001-06-01 2002-12-05 International Business Machines Corporation Internet authentication with multiple independent certificate authorities
US20030115457A1 (en) * 2001-12-19 2003-06-19 Wildish Michael Andrew Method of establishing secure communications in a digital network using pseudonymic digital identifiers
US20090319783A1 (en) * 2003-08-15 2009-12-24 Thornton Russell S Method of Aggregating Multiple Certificate Authority Services
US20100166188A1 (en) * 1998-03-23 2010-07-01 Certicom Corp. Implicit certificate scheme
US20110087883A1 (en) * 2009-05-05 2011-04-14 Certicom Corp. Self-signed implicit certificates

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4071870B2 (ja) * 1998-08-20 2008-04-02 インターナショナル・ビジネス・マシーンズ・コーポレーション 秘密鍵生成方法
GB2357225B (en) 1999-12-08 2003-07-16 Hewlett Packard Co Electronic certificate
JP3479015B2 (ja) * 1999-12-28 2003-12-15 日本電信電話株式会社 暗号鍵分散生成方法、署名生成・検証方法、暗号鍵分散生成装置、署名生成・検証装置、暗号鍵分散生成プログラムおよび署名生成・検証プログラムをそれぞれ記録したコンピュータ読み取り可能な記録媒体
US7328344B2 (en) 2001-09-28 2008-02-05 Imagitas, Inc. Authority-neutral certification for multiple-authority PKI environments
JP4130575B2 (ja) * 2002-12-06 2008-08-06 日本電信電話株式会社 署名者装置におけるディジタル署名方法、および署名者装置用ディジタル署名プログラム
US8707024B2 (en) 2006-06-07 2014-04-22 Red Hat, Inc. Methods and systems for managing identity management security domains
CN101521883B (zh) * 2009-03-23 2011-01-19 中兴通讯股份有限公司 一种数字证书的更新和使用方法及系统
US8375204B2 (en) * 2009-12-16 2013-02-12 Symantec Corporation Method and system to combine multiple digital certificates using the subject alternative name extension
US20120233457A1 (en) * 2011-03-08 2012-09-13 Certicom Corp. Issuing implicit certificates
US10110386B2 (en) 2011-06-10 2018-10-23 Certicom Corp. Implicitly certified digital signatures

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100166188A1 (en) * 1998-03-23 2010-07-01 Certicom Corp. Implicit certificate scheme
US20020184491A1 (en) * 2001-06-01 2002-12-05 International Business Machines Corporation Internet authentication with multiple independent certificate authorities
US20030115457A1 (en) * 2001-12-19 2003-06-19 Wildish Michael Andrew Method of establishing secure communications in a digital network using pseudonymic digital identifiers
US20090319783A1 (en) * 2003-08-15 2009-12-24 Thornton Russell S Method of Aggregating Multiple Certificate Authority Services
US20110087883A1 (en) * 2009-05-05 2011-04-14 Certicom Corp. Self-signed implicit certificates

Also Published As

Publication number Publication date
CN104012036A (zh) 2014-08-27
US20130159702A1 (en) 2013-06-20
US20150349963A1 (en) 2015-12-03
US8793485B2 (en) 2014-07-29
US9231770B2 (en) 2016-01-05
JP6043804B2 (ja) 2016-12-14
JP2015501112A (ja) 2015-01-08
CN104012036B (zh) 2017-11-21

Similar Documents

Publication Publication Date Title
US11620387B2 (en) Host attestation
US9231770B2 (en) Combined digital certificate
US9853816B2 (en) Credential validation
Chen et al. Flexible and scalable digital signatures in TPM 2.0
US9967239B2 (en) Method and apparatus for verifiable generation of public keys
CN107810617B (zh) 机密认证和供应
US10027481B2 (en) Management of cryptographic keys
US9003181B2 (en) Incorporating data into cryptographic components of an ECQV certificate
US20050058294A1 (en) Method, system and device for enabling delegation of authority and access control methods based on delegated authority
US9531540B2 (en) Secure token-based signature schemes using look-up tables
WO2018119670A1 (zh) 一种无证书部分盲签名方法和装置
CN105264819A (zh) 最小披露凭证验证和撤销
US9882890B2 (en) Reissue of cryptographic credentials
EP3529948B1 (en) Composite digital signatures
US20170373847A1 (en) Method for updating a public key
CN109936456B (zh) 基于私钥池的抗量子计算数字签名方法和系统
CN105141419B (zh) 大属性域的属性基签名方法及系统
US8868910B2 (en) Elliptic curve cryptographic signature
CN106972924A (zh) 加密、解密、电子签章、验证签章的方法及装置
CN117611162A (zh) 基于椭圆曲线密码算法的交易认证方法及装置
CN108664814B (zh) 一种基于代理的群组数据完整性验证方法
CN119402187B (zh) 基于签名见证和身份加密的密文存储方法及系统

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12857965

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2014547543

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12857965

Country of ref document: EP

Kind code of ref document: A1