Cryptography – Key management – Key distribution
Patent
1998-02-19
2000-04-18
Laufer, Pinchus M.
Cryptography
Key management
Key distribution
380 30, 705 69, 713180, H04L 930
Patent
active
060524677
DESCRIPTION:
BRIEF SUMMARY
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to cryptographic techniques, and more particularly to a method for implementing certificate issuing protocols that can be blinded only restrictively even when the issuing is performed in parallel mode.
2. Description of the Prior Art
Two basic types of certificates can be distinguished, public-key certificates and secret-key certificates. A public-key certificate is a digital signature of an issuer herein called a Certification Authority, on a public key. The other basic type, secret-key certificates, is described and claimed in patent application Ser. No. 08/321,855, filed Oct. 14, 1994, now U.S. Pat. No. 5,606,617. As with public-key certificates, triples consisting of a secret key, a corresponding public key and a secret-key certificate on the public key can only be retrieved by engaging in an issuing protocol with the Certification Authority. The difference with public-key certificates is that pairs consisting of a public key and a secret-key certificate on the public key can be generated by anyone.
Many signature transporting mechanisms require a Certification Authority to issue triples, consisting of a secret key, a matching public key, and a certificate of the Certification Authority on the public key. Of particular interest for privacy-protecting mechanisms for signature transport are so-called restrictive blind certificate issuing protocols, in which the receiver can blind the issued public key and the certificate, but not a predetermined non-trivial predicate of the secret key; this part of the secret-key is said to be blinding-invariant. Restrictive blind certificate issuing protocols, and methods for applying them to privacy-protecting mechanisms for value transfer such as in particular off-line electronic cash, are described and claimed in patent application Ser. No. 08/203,231, filed Feb. 28, 1994, now U.S. Pat. No. 5,521,980.
Patent application Ser. No. 08/203,231, filed Feb. 28, 1994, and patent application Ser. No. 08/321,855, filed Oct. 14, 1994, now U.S. Pat. No. 5,521,980 and 5,606,617, respectively describe and claim restrictive blind certificate issuing protocols for secret-key certificates. Only one restrictive blind issuing protocol for public-key certificates is described in patent application Ser. No. 08/203,231, filed Feb. 28, 1994, now U.S. Pat. No. 5,521,980; all the other exemplary schemes are for issuing secret-key certificates. While these secret-key certificate issuing protocols are believed to be secure when executed sequentially, they should not be run in parallel when different blinding-invariant numbers are involved: that would enable an attack in which completely blinded triples can be retrieved. In other words, even the presumed blinding-invariant numbers can then be blinded.
For highly demanding transaction environments it is believed to be desirable to have certificate issuing protocols that are secure even when they are executed in parallel. This also allows the issuing to be performed in a distributed manner without requiring coordination between the distributed issuing agents. This invention describes an inventive method for designing certificate issuing protocols that are restrictive blind even when executions of the issuing protocol are performed in parallel with respect to different blinding-invariant numbers. The inventive method can be applied to at least all the secret-key certificate schemes described in patent application Ser. No. 08/203,231, filed Feb. 28, 1994, and patent application Ser. No. 08/321,855, filed Oct. 14, 1994, now U.S. Pat. No. 5,521,980 and 5,606,617, respectively.
OBJECTS OF THE INVENTION
Accordingly, it is an object of the present invention to construct efficient and secure restrictive blind certificate issuing protocols, by means of which an issuer party can issue triples consisting of a secret key, a matching public key and a corresponding certificate, such that the public key and the certificate can be perfectly blinded by the receiving party, bu
REFERENCES:
patent: 5521980 (1996-05-01), Brands
patent: 5606617 (1997-02-01), Brands
P. Horster et al "Meta-Elgamal Signature Schemes", Technical Report TR-941-5-F, 1994 University of Technology Chemnitz-Zwickau 16 pages.
P. Horster et al "Meta-Message Recovery and Meta-Blind Signature Schemes Based on the Discrete Logarithm Problem and Their Applications" ASIACRYPT '94 Proceedings pp. 224-237.
S. A. Brands, "Untraceable Off-Line Cash in Wallet with Observers" Proceedings of Crypto '93 pp. 302-318.
S. Brands, "More on Restrictive Blind Issuing of Secret-key Certificates in Parallel Mode," Centrum voor Wiskunde en Informatica Report, CS-R9534, pp. 2 and bibliography items 9 & 10 (Mar. 1995, Amsterdam, NL, XP002009896).
S. Brands, "A Note on Parallel Executions of Restrictive Blind Issuing Protocols for Secret-key Certificates," Centrum voor Wiskunde en Informatica Report, CS-R9519, pp. 2 (Mar. 1995, Amsterdam, NL, XP002009892).
S. Brands, "Restrictive Binding of Secret-key Certificates," Centrum voor Wiskunde en Informatica Report, CS-R9509, pp. 10; Fig. 1; pp. 26-29; bibliography item 3 (Feb. 1995, Amsterdam, NL, XP002009893).
S. Brands, "Secret-key Certificates," Centrum voor Wiskunde en Informatica Report, CS-R9510, abstract (Feb. 1995, Amsterdam, NL, XP002009894).
S. Brands, "Restrictive Blind Issuing of Secret-key Cerificates in Parallel Mode," Centrum voor Wiskunde en Informatica Report, CS-R9523, pp. 1-3; all Figs. (Mar. 1995, Amsterdam, NL, XP002009895).
S. Brands, "Secret-key Certificates," Centrum voor Wiskunde en Informatica Report, CS-R9555, establishes publication dates of CS-R9509 and CS-R9510, (Jul. 1995, Amsterdam, NL, XP002009897).
LandOfFree
System for ensuring that the blinding of secret-key certificates does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System for ensuring that the blinding of secret-key certificates, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System for ensuring that the blinding of secret-key certificates will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2342835