Cryptography – Particular algorithmic function encoding – Nbs/des algorithm
Patent
1997-03-24
1999-09-28
Gregory, Bernarr Earl
Cryptography
Particular algorithmic function encoding
Nbs/des algorithm
380 25, 380 30, 380 49, H04L 932, H04L 930, H04L 900
Patent
active
059600837
ABSTRACT:
A method of managing certificates in a communication system having a certifying authority and a directory. Preferably, the method begins by having the certifying authority generate certificates by digitally signing a given piece of data. At a later point time, the certifying authority may produce a string that proves whether a particular certificate is currently valid without also proving the validity of at least some other certificates. The technique obviates use of certification revocation lists communicated between the certifying authority and the directory.
REFERENCES:
patent: Re34954 (1995-05-01), Haber et al.
patent: 4200770 (1980-04-01), Hellman et al.
patent: 4218582 (1980-08-01), Hellman et al.
patent: 4309569 (1982-01-01), Merkle
patent: 4326098 (1982-04-01), Bouricius et al.
patent: 4881264 (1989-11-01), Merkle
patent: 4926480 (1990-05-01), Chaum
patent: 4943707 (1990-07-01), Boggan
patent: 5003597 (1991-03-01), Merkle
patent: 5005200 (1991-04-01), Fischer
patent: 5016274 (1991-05-01), Micali et al.
patent: 5136646 (1992-08-01), Haber et al.
patent: 5136647 (1992-08-01), Haber et al.
patent: 5157726 (1992-10-01), Merkle et al.
patent: 5231666 (1993-07-01), Matyas
patent: 5261002 (1993-11-01), Perlman et al.
patent: 5315657 (1994-05-01), Abadi et al.
patent: 5340969 (1994-08-01), Cox
patent: 5396624 (1995-03-01), Campbell, Jr.
patent: 5420927 (1995-05-01), Micali
patent: 5432852 (1995-07-01), Leighton et al.
patent: 5434919 (1995-07-01), Chaum
patent: 5450493 (1995-09-01), Maher
patent: 5497422 (1996-03-01), Tysen et al.
patent: 5537475 (1996-07-01), Micali
patent: 5544322 (1996-08-01), Cheng et al.
patent: 5606617 (1997-02-01), Brands et al.
patent: 5615268 (1997-03-01), Bisbee et al.
patent: 5659616 (1997-08-01), Sudia
patent: 5666416 (1997-09-01), Micali
patent: 5677955 (1997-10-01), Doggett et al.
patent: 5687235 (1997-11-01), Perlman et al.
patent: 5699431 (1997-12-01), Van Oorschot et al.
patent: 5717757 (1998-02-01), Micali
patent: 5717758 (1998-02-01), Micali
patent: 5748738 (1998-05-01), Bisbee et al.
patent: 5774552 (1998-06-01), Grimmer
Applied Crypotography by Bruce Schneier, 2nd edition, pp. 573-577, Oct. 1995.
CygnaCom Solutions, Inc., "Federal Public Key Infrastructure (PKI) Technical Specifications Part D --Interoperability Profiles," Published on the World Wide Web, Sep. 27, 1995, 91 pages.
Nazario, N., "Federal Public Key Infrastructure (PKI) Version 1 Technical Specifications: Part B --Technical Security Policy," Published on the World Wide Web, Mar. 13, 1996, 20 pages.
Polk, W., editor, "Federal Public Key Infrastructure (PKI) Technical Specifications (Version 1) Part A: Requirements," Published on the World Wide Web, Dec. 6, 1996, 18 pages.
Ford, Warwick, "A Public Key Infrastructure for U.S. Government Unclassified but Sensitive Operations," Published on the World Wide Web, Sep. 1, 1995, 93 pages.
Chokhani, Santosh, et al., "Certificate Policy and Certification Practice Statement Framework", Published on World Wide Web, Nov. 3, 1996.
Polk, William T., "Minimum Interoperability Specifications for PKI Components," Published on the World Wide Web, Nov., 1996.
Chokhani, Santosh, "Security Considerations in Using X. 509 Certificates," Published on the World Wide Web.
Dodson, Donna F., "NIST PKI Implementation Projects," Published on the World Wide Web.
Burr, William, "A Proposed Federal PKI Using X. 509 V3 Certificates: The NISSC Presentation," Published on the World Wide Web.
Farrell, S., et al., "Internet Public Key Infrastructure Part III: Certificate Management Protocols," Published on the World Wide Web, Dec. 1996, 83 printed pages.
Nazario, Noel et al., "Management Model for the Federal Public Key Infrastructure," Published on the World Wide Web, Oct. 24, 1996.
Nazario, Noel A., "Security Policies for the Federal Public Key Infrastructure," Published on the World Wide Web, Oct. 24, 1996.
Burr, William, et al., "MISPC: Minimum Interoperability Specifications for PKI Components," Published on the World Wide Web, Dec. 2, 1996.
Rivest, R.L., et al., "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", Communications of the ACM, 120-126 (Feb. 1978).
Lamport, L., "Password Authentication with Insecure Communication", Communications of the ACM, 770-772 (Nov. 1981).
Linn, J., IAB Privacy Task Force, Request for Comments No. 1113, "Privacy Enhancement for Internet Electronic Mail: Part I --Message Encipherment and Authentication Procedures" 1-30 (Aug. 1989).
Kent, S., et al., IAB Privacy Task Force, Request for Comments No. 114, "Privacy Enhancement for Internet Electronic Mail: Part II--Certificate-Based Key Management", 1-22 (Aug. 1989).
"Public Key Infrastructure Study --Final Report", National Institute of Standards and Technology (Apr. 1994).
International Standard ISO/IEC 9594-8, "Information technology -- Open Systems Interconnection --The Directory: Authentication framework", ISO/IEC, second edition, Sep. 15, 1995.
Rivest, R. L., et al., "PayWord and MicroMint: Two simple micropayment schemes", MIT Laboratory for Computer Science/Weizmann Institute of Science, 11 pgs. (Nov. 1995).
Housley, R., et al., "Internet Public Key Infrastructure Part I: X.509 Certificate and CRL Profile", Published on the World Wide Web, 1-30 (Jun. 1996).
Farrell, S., et al., "Internet Public Key Infrastructure Part III: Certificate Management Protocols", Published on the World Wide Web, 1-36 (Jun. 1996).
"Final Text of Draft Amendments DAM 4 to ISO/IEC 9594-2, DAM 2 to ISO/ICE 9594-6, DAM 1 to ISO/IEC 9594-7, and DAM 1 to ISO/IEC 9594-8 on Certificate Extensions", 41 pages (Jun. 30, 1996).
ANSI X9.55-1955 "Public Key Cryptography for the Financial Services Industry: Extensions to Public Key Certificates and Certificate Revocation Lists" (working draft) 37 pages (Jul. 3, 1996).
ANSI X9.57-199x Public Key: Crytography for the Financial Services Industry: Certificate Management.COPYRGT. (working draft) 86 pages (Jun. 21, 1996).
Bellare M., et al., "Incremental Crytography: The Case of Hashing and Signing" Proceedings of Crypto '95 216-233 (1995).
Micali, S., "Computationally-Sound Proofs", MIT Laboratory for Computer Science, 55 pages, Apr. 11, 1995.
Micali, S. et al., Abstract entitled "An Efficient Zero-Knowledge Method for Answering Is He In Or Out? Questions" presented by M. Rabin at the National Computer Science Institute In Berkeley, CA (Dec. 1995).
"Escrowed Encryption Standard (EES)", Federal Information Processing Standards Publication 185, Feb. 9, 1994, 7 pps.
Micali, S., "Enhanced Certificate Revocation System", MIT Laboratory for Computer Science, 9 pages, Nov. 1995.
Chaum, D., "Untraceable Electronic Mail Return Addressess and Digital Pseudonyms," Communications of the ACM, vol. 24, No. 2, pp. 84-88, Feb. 1981.
Gennaro et al., "Robert Threshold DSS Signatures," EuroCrypt 96 .
Harn, "Group-Oriented (t,n) threshold digital signature scheme and digital multisignature," IEEE Proc. -Comput. Digit. Tech., Sep. 1994.
Rivest, Ronald L., et al., "SDSI-A Simple Distributed Security Infrastructure," Sep. 15, 1996, Published on the World Wide Web, 50 pages.
Facsimile message from Chini Krishnan of Integris Security, Inc. to Professor Silvio Micali, dated Feb. 17, 1997, 7 pages including cover sheet, submitted in attached sealed envelope as Proprietary Material Not Open To Public To Be Opened Only By Examiner Or Other Authorized Patent and Trademark Office Employee.
Facsimile message from Chini Krishnan of Integris Security, Inc. to Professor Silvio Micali, dated Feb. 25, 1997, 12 pages including cover sheet, submitted in attached sealed envelope as Proprietary Material Not Open To Public To Be Opened Only By Examiner Or Other Authorized Patent And Trademark Office Employee..
International Search Report from PCT/US 96/17374, dated Feb. 19, 1997, 7 pages.
Toward a national public key infrastructure, IEEE Communications Magazine, Sep. 1994, vol. 32, No. 9, USSN 0163-6804, pp. 70-74.
The Digital Distributed System Security Architecture, Proceedings of the 12.sup.th National Computer Security Conference, 1989, pp. 305-319.
one page e-mail message from Dr.
LandOfFree
Certificate revocation system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Certificate revocation system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Certificate revocation system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-712797