JP7091322B2 - 複合デジタル署名 - Google Patents
複合デジタル署名 Download PDFInfo
- Publication number
- JP7091322B2 JP7091322B2 JP2019521726A JP2019521726A JP7091322B2 JP 7091322 B2 JP7091322 B2 JP 7091322B2 JP 2019521726 A JP2019521726 A JP 2019521726A JP 2019521726 A JP2019521726 A JP 2019521726A JP 7091322 B2 JP7091322 B2 JP 7091322B2
- Authority
- JP
- Japan
- Prior art keywords
- signature
- message
- secret
- server
- share
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/3033—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3255—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Storage Device Security (AREA)
Description
本発明の範囲を逸脱することなく、これらの実施形態の様々な変形が生成可能である。
すなわち、サーバはTe≡m mod n1であることをチェックする。
例えば、サーバは通信を終了し、送信者にエラーメッセージを送信してよい。
選択された2つの素数のいずれかが上記に当てはまらなかった場合、サーバは1つ以上の新たな素数を選択し、再度チェックを実行する。選択された2つの素数がgcd(p2-1,e)=gcd(q2-1,e)=1を満足した場合、本方法はステップ515に移行する。
RSA署名Σ=(・)d mod nは、パディングスキームPとともに、現存する適応的選択メッセージ攻撃による偽造に対して安全であると仮定する。これは敵対者AΣが署名スキームに対してオラクルアクセスを持ち、MとΣ(H(M))の対を保つ必要があることを意味する。H(M)はオラクルから問い合わされたことはない。ここでHは、ランダムオラクルとしてモデル化されたハッシュ関数である。
悪意のあるサーバは、
クライアント装置の秘密鍵dのシェアrを有する敵対者Aであると考えられ、Zφ(n)上に一様に分布する。サーバ敵対者Aはまた、サーバに署名要求を送信するクライアント装置への接続を有する。Aはこのような接続をオラクルΣ’として使うことができる、すなわちAは、メッセージmを選択し、mをオラクルに送信し、Σ’(m)= P(m)d-r mod nを取得することができると仮定する。Aはrを知っているので、Aは容易にΣ(m)=Σ’(m)・P(m)r mod nを計算することができる。
クライアント装置のシェアは、鍵としてPINを用いたブロック暗号で暗号化されていると仮定する。暗合は、2つのサポーティングオラクルEk(x)とEk -1(x)を持つ理想的な暗合としてモデル化される。敵対者は、暗号化c=EPIN(d-r)を見て、予想したPIN pを持つオラクルコールEp -1(c)を用いてこれを復号化することを試みるかもしれない。p=PINであれば、y=d-rである。そうでなければ、yは、d-rおよびdと独立なランダム変数である。変数d-rとyとは同様に分布しているので、敵対者はp=PINであることを知ることができないことに注意されたい。このことは、サーバとの通信を介してのみチェックすることができる。
要素のオーダは群のサイズの約数でなければならないので、Z* nの任意の要素mは、オーダord(m)∈{11,2,4}を持つか、またはord(m)≧min{p’,q’}である。オーダ1,2,4のすべての要素はZn=Zp×Zqにおける多項式X4-1のルートであり、次数dの任意の多項式はZp×Zqにおいてdを超えないルートを持つので、Znにおけるルートの数はd2を超えない。従って、min{p’,q’}より小さい次数の要素の数は、d2=42=16を超えない。
ここでaとa’とは区間[1…l-1]内にある。
従って、Z* nのサイズはφ(n)=(p-1)(q-1)=4aa’p’q’である。
要素のオーダは群のサイズの約数でなければならないので、Z* nの任意の要素mは、4aa’で割り切れるオーダord(m)を持つか、またはord(m)≧min{p’,q’}である。
4aa’で割り切れるすべての要素はZn=Zp×Zqにおける多項式X4-1のルートであり、次数dの任意の多項式はZp×Zqにおいてdを超えないルートを持つので、Znにおけるルートの数はd2を超えない。
従って、min{p’,q’}=min{(p-1)/(2a),(q-1)/(2a’)}≧min{(p-1)/(2l),(q-1)/(2l)}より小さい次数の要素の数は、d2=(4aa’)2≦16l4を超えない。
これはδ≦δa+δb≦((3/K)+(t/S)+(2(-h+4))+(2K2/(min{p,q}-1)))であることを意味する。
Claims (19)
- 複合暗号署名を生成する方法であって、
メッセージと第一者署名の第1部分とをサーバで受信するステップを備え、前記第一者署名の第1部分は前記メッセージと第1の秘密鍵の第1のシェアとから導出され、
前記第一者署名の前記第1部分と前記第1の秘密鍵の第2のシェアとから第一者署名を前記サーバで生成するステップを備え、
前記メッセージと第2の秘密鍵とから第二者署名を前記サーバで生成するステップを備え、
複合暗号署名を生成するために、前記第一者署名と前記第二者署名とを前記サーバで結合するステップを備える方法。 - 前記第1の秘密鍵と公開鍵とは第1の鍵のペアであり、
前記第2の秘密鍵と前記公開鍵とは第2の鍵のペアを形成する請求項1に記載の方法。 - 前記第1の秘密鍵は、第1の秘密モジュラスと、第1の秘密エクスポーネントと、を備え、
前記第2の秘密鍵は、第2の秘密モジュラスと、第2の秘密エクスポーネントと、を備え、
前記公開鍵は、公開エクスポーネントを備える請求項2に記載の方法。 - 前記第1の秘密モジュラスは素数の積であり、
前記第2の秘密モジュラスは素数の積であり、
前記素数の各々は、前記公開エクスポーネントと互いに素である請求項3に記載の方法。 - 前記第1の秘密モジュラスと前記第2の秘密モジュラスとから複合公開モジュラスを生成するステップをさらに備える請求項3または4に記載の方法。
- 前記第1の秘密鍵の前記第1のシェアは、前記第1の秘密エクスポーネントの第1の付加的なシェアを備え、
前記第1の秘密鍵の前記第2のシェアは、前記第1の秘密エクスポーネントの第2の付加的なシェアを備える請求項3から5のいずれかに記載の方法。 - 前記第1の秘密鍵の前記第1のシェアは、前記第1の秘密エクスポーネントの第1の倍増されたシェアを備え、
前記第1の秘密鍵の前記第2のシェアは、前記第1の秘密エクスポーネントの第2の倍増されたシェアを備える請求項3から5のいずれかに記載の方法。 - 前記公開鍵と前記メッセージとを用いて、前記第一者署名の第1部分の起源を証明するステップをさらに備える請求項3から5のいずれかに記載の方法。
- メッセージと第一者署名の第1部分とを受信するステップは、前記メッセージと前記第一者署名の前記第1部分とを備える署名リクエストを受信するステップを備え、
前記第一者署名の第1部分の起源を証明するステップは、以下のチェックするステップ、すなわち、前記署名リクエストが1つ以上の同じ起源からの過去の通信に関する情報をさらに備えることをチェックするステップを備える請求項8に記載の方法。 - 前記複合暗号署名を送信するステップをさらに備える請求項1から9のいずれかに記載の方法。
- メッセージと第一者署名の第1部分とを受信するステップは、メッセージと第一者署名の第1部分とをクライアント装置から受信するステップを備える請求項1から10のいずれかに記載の方法。
- メッセージと第一者署名の第1部分とを受信するステップは、メッセージと第一者署名の第1部分とを安全なチャネルを介して受信するステップを備え、
敵対者は、前記安全なチャネルを介してデータにアクセスできないことを特徴とする請求項1から11のいずれかに記載の方法。 - 前記メッセージはハッシュ化されている請求項1から12のいずれかに記載の方法。
- 前記メッセージはパディングされている請求項1から13のいずれかに記載の方法。
- 複合暗号署名を生成する装置であって、
少なくとも1つのプロセッサと、少なくとも1つのメモリと、を備え、
前記少なくとも1つのメモリはコンピュータ実行可能な命令を記憶し、
前記コンピュータ実行可能な命令は、前記コンピュータ実行可能な命令が前記少なくとも1つのプロセッサにより実行されたとき、請求項1から14のいずれかに記載の方法を前記装置に実行させる装置。 - 請求項1から14のいずれかに記載の方法をコンピュータに実行させるためのコンピュータ実行可能な命令を記憶したコンピュータ読み取り可能媒体。
- 複合暗号署名を生成する方法であって、
第1装置において、
メッセージと第1の秘密鍵の第1のシェアとから第一者署名の第1部分を生成するステップと、
前記メッセージと前記第一者署名の前記第1部分とを第2装置に送信するステップと、を備え、
前記第2装置において、
前記第一者署名の前記第1部分と第1の秘密鍵の第2のシェアとから第一者署名を生成するステップと、
前記メッセージと第2の秘密鍵とから第二者署名を生成するステップと、
複合暗号署名を生成するために、前記第一者署名と前記第二者署名とを結合するステップと、を備える方法。 - 前記第2装置において、前記複合暗号署名と複合公開鍵とをクライアント装置に送信するステップと、
前記第1装置において、前記メッセージと前記複合公開鍵とを用いて前記複合暗号署名を証明するステップと、をさらに備える請求項17に記載の方法。 - 複合暗号署名を生成するシステムであって、
第1装置と、第2装置と、を備え、
前記第1装置と前記第2装置の各々は、プロセッサと、少なくとも1つのメモリと、を備え、
前記第1装置の少なくとも1つのメモリと、前記第2装置の少なくとも1つのメモリは、それぞれコンピュータ実行可能な命令を記憶し、
前記コンピュータ実行可能な命令は、前記コンピュータ実行可能な命令が前記第1装置と第2装置のプロセッサにより実行されたとき、請求項17または18に記載の方法を前記第1装置と前記第2装置に実行させるシステム。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB1617620.8 | 2016-10-18 | ||
GBGB1617620.8A GB201617620D0 (en) | 2016-10-18 | 2016-10-18 | Composite digital signatures |
PCT/IB2017/056222 WO2018073685A1 (en) | 2016-10-18 | 2017-10-09 | Composite digital signatures |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2019537349A JP2019537349A (ja) | 2019-12-19 |
JP7091322B2 true JP7091322B2 (ja) | 2022-06-27 |
Family
ID=57680821
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2019521726A Active JP7091322B2 (ja) | 2016-10-18 | 2017-10-09 | 複合デジタル署名 |
Country Status (6)
Country | Link |
---|---|
US (1) | US11251970B2 (ja) |
EP (1) | EP3529948B1 (ja) |
JP (1) | JP7091322B2 (ja) |
EE (1) | EE201700036A (ja) |
GB (1) | GB201617620D0 (ja) |
WO (1) | WO2018073685A1 (ja) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11444779B2 (en) | 2018-08-02 | 2022-09-13 | Paypal, Inc. | Techniques for securing application programming interface requests using multi-party digital signatures |
US11310039B2 (en) * | 2018-11-20 | 2022-04-19 | Board Of Regents, The University Of Texas System | Lightweight distributed signature protocol for mobile computing and IoT devices |
US11601284B2 (en) * | 2019-06-14 | 2023-03-07 | Planetway Corporation | Digital signature system based on a cloud of dedicated local devices |
CN114124396B (zh) * | 2020-09-01 | 2023-12-01 | 中国电信股份有限公司 | 信息传输方法、***和存储介质 |
FR3125189B1 (fr) * | 2021-07-06 | 2023-06-23 | Idemia France | Procédé de génération d'un élément d'une clé cryptographique, procédé de traitement cryptographique, dispositif de traitement cryptographique et programme d'ordinateur associes |
CN114679281B (zh) * | 2022-03-15 | 2023-12-01 | 北京宏思电子技术有限责任公司 | 一种基于rsa的联合签名生成方法及装置 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006333520A (ja) | 1995-06-05 | 2006-12-07 | Certco Inc | マルチステップディジタル署名方法およびそのシステム |
JP2010239662A (ja) | 1996-10-30 | 2010-10-21 | Fujitsu Ltd | ネットワーク環境における取り引き証明装置 |
US20110264917A1 (en) | 2008-10-22 | 2011-10-27 | Paycool International Ltd. | Method for two step digital signature |
US20120198228A1 (en) | 2010-12-20 | 2012-08-02 | Jon Oberheide | System and method for digital user authentication |
Family Cites Families (168)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US571282A (en) * | 1896-11-10 | Steam-boiler | ||
GB646921A (en) * | 1947-04-24 | 1950-11-29 | Standard Telephones Cables Ltd | Metallisation of non-metallic surfaces |
US5825880A (en) * | 1994-01-13 | 1998-10-20 | Sudia; Frank W. | Multi-step digital signature method and system |
US20020013898A1 (en) * | 1997-06-04 | 2002-01-31 | Sudia Frank W. | Method and apparatus for roaming use of cryptographic values |
US5838792A (en) * | 1994-07-18 | 1998-11-17 | Bell Atlantic Network Services, Inc. | Computer system for centralized session key distribution, privacy enhanced messaging and information distribution using a split private key public cryptosystem |
US5870723A (en) * | 1994-11-28 | 1999-02-09 | Pare, Jr.; David Ferrin | Tokenless biometric transaction authorization method and system |
US6119096A (en) * | 1997-07-31 | 2000-09-12 | Eyeticket Corporation | System and method for aircraft passenger check-in and boarding using iris recognition |
IL122230A (en) * | 1997-11-17 | 2003-12-10 | Milsys Ltd | Biometric system and techniques suitable therefor |
US6170058B1 (en) * | 1997-12-23 | 2001-01-02 | Arcot Systems, Inc. | Method and apparatus for cryptographically camouflaged cryptographic key storage, certification and use |
US7107246B2 (en) * | 1998-04-27 | 2006-09-12 | Esignx Corporation | Methods of exchanging secure messages |
US6996716B1 (en) * | 1999-04-15 | 2006-02-07 | Avaya Technology Corp. | Dual-tier security architecture for inter-domain environments |
US6694025B1 (en) * | 1999-06-02 | 2004-02-17 | Koninklijke Philips Electronics N.V. | Method and apparatus for secure distribution of public/private key pairs |
US6934858B2 (en) * | 1999-12-15 | 2005-08-23 | Authentify, Inc. | System and method of using the public switched telephone network in providing authentication or authorization for online transactions |
US7340600B1 (en) * | 2000-01-14 | 2008-03-04 | Hewlett-Packard Development Company, L.P. | Authorization infrastructure based on public key cryptography |
KR100407922B1 (ko) * | 2000-01-18 | 2003-12-01 | 마이크로 인스펙션 주식회사 | 디지털 휴대폰을 이용한 인터넷에서의 인증방법 |
JP3864675B2 (ja) * | 2000-03-09 | 2007-01-10 | 株式会社日立製作所 | 共通鍵暗号装置 |
US20030061506A1 (en) * | 2001-04-05 | 2003-03-27 | Geoffrey Cooper | System and method for security policy |
US7096354B2 (en) * | 2000-08-04 | 2006-08-22 | First Data Corporation | Central key authority database in an ABDS system |
US6823359B1 (en) * | 2000-11-21 | 2004-11-23 | Pfs Trader Tools, Llc | System and method for continually updating dynamic data |
US20030115452A1 (en) * | 2000-12-19 | 2003-06-19 | Ravi Sandhu | One time password entry to access multiple network sites |
US7711122B2 (en) * | 2001-03-09 | 2010-05-04 | Arcot Systems, Inc. | Method and apparatus for cryptographic key storage wherein key servers are authenticated by possession and secure distribution of stored keys |
US20020136410A1 (en) * | 2001-03-26 | 2002-09-26 | Sun Microsystems, Inc. | Method and apparatus for extinguishing ephemeral keys |
US6758394B2 (en) * | 2001-07-09 | 2004-07-06 | Infonox On The Web | Identity verification and enrollment system for self-service devices |
US8200980B1 (en) * | 2001-09-21 | 2012-06-12 | Open Invention Network, Llc | System and method for enrolling in a biometric system |
US7093133B2 (en) * | 2001-12-20 | 2006-08-15 | Hewlett-Packard Development Company, L.P. | Group signature generation system using multiple primes |
JP2005532606A (ja) * | 2001-12-31 | 2005-10-27 | シタデル セキュリティ ソフトウェア インコーポレイテッド | コンピュータの脆弱性を解決する自動化されたシステム |
AU2003212867A1 (en) * | 2002-01-30 | 2003-09-02 | Mastercard International Incorporated | System and method for conducting secure payment transaction |
US7146009B2 (en) * | 2002-02-05 | 2006-12-05 | Surety, Llc | Secure electronic messaging system requiring key retrieval for deriving decryption keys |
US20040054898A1 (en) * | 2002-08-28 | 2004-03-18 | International Business Machines Corporation | Authenticating and communicating verifiable authorization between disparate network domains |
US7334255B2 (en) * | 2002-09-30 | 2008-02-19 | Authenex, Inc. | System and method for controlling access to multiple public networks and for controlling access to multiple private networks |
US8909926B2 (en) * | 2002-10-21 | 2014-12-09 | Rockwell Automation Technologies, Inc. | System and methodology providing automation security analysis, validation, and learning in an industrial controller environment |
KR20040035572A (ko) * | 2002-10-22 | 2004-04-29 | 최운호 | 정보 인프라에서의 종합 침해사고 대응시스템 및 그운영방법 |
US7827607B2 (en) * | 2002-11-27 | 2010-11-02 | Symantec Corporation | Enhanced client compliancy using database of security sensor data |
CA2512645A1 (en) * | 2003-01-07 | 2004-07-29 | Qualcomm Incorporated | System, apparatus and method for replacing a cryptographic key |
US20040139312A1 (en) * | 2003-01-14 | 2004-07-15 | General Instrument Corporation | Categorization of host security levels based on functionality implemented inside secure hardware |
US7496662B1 (en) * | 2003-05-12 | 2009-02-24 | Sourcefire, Inc. | Systems and methods for determining characteristics of a network and assessing confidence |
US7172115B2 (en) * | 2004-04-02 | 2007-02-06 | Riptide Systems, Inc. | Biometric identification system |
US9076343B2 (en) * | 2004-04-06 | 2015-07-07 | International Business Machines Corporation | Self-service system for education |
WO2005107137A2 (en) * | 2004-04-23 | 2005-11-10 | Passmark Security, Inc. | Method and apparatus for authenticating users using two or more factors |
US7526792B2 (en) * | 2004-06-09 | 2009-04-28 | Intel Corporation | Integration of policy compliance enforcement and device authentication |
US20060059569A1 (en) * | 2004-08-27 | 2006-03-16 | Microsoft Corporation | Application and device user verification from an operating system-based authentication service |
US7953979B2 (en) * | 2004-12-15 | 2011-05-31 | Exostar Corporation | Systems and methods for enabling trust in a federated collaboration |
US7562382B2 (en) * | 2004-12-16 | 2009-07-14 | International Business Machines Corporation | Specializing support for a federation relationship |
US7630493B2 (en) * | 2005-01-18 | 2009-12-08 | Tricipher, Inc. | Multiple factor private portion of an asymmetric key |
US7599493B2 (en) * | 2005-02-14 | 2009-10-06 | Tricipher Inc. | Asymmetric key pair having a kiosk mode |
US20060182283A1 (en) * | 2005-02-14 | 2006-08-17 | Tricipher, Inc. | Architecture for asymmetric crypto-key storage |
US7386720B2 (en) * | 2005-02-14 | 2008-06-10 | Tricipher, Inc. | Authentication protocol using a multi-factor asymmetric key pair |
US8700729B2 (en) * | 2005-01-21 | 2014-04-15 | Robin Dua | Method and apparatus for managing credentials through a wireless network |
US7463637B2 (en) * | 2005-04-14 | 2008-12-09 | Alcatel Lucent | Public and private network service management systems and methods |
US7562385B2 (en) * | 2005-04-20 | 2009-07-14 | Fuji Xerox Co., Ltd. | Systems and methods for dynamic authentication using physical keys |
US8028329B2 (en) * | 2005-06-13 | 2011-09-27 | Iamsecureonline, Inc. | Proxy authentication network |
US8225392B2 (en) * | 2005-07-15 | 2012-07-17 | Microsoft Corporation | Immunizing HTML browsers and extensions from known vulnerabilities |
US7958362B2 (en) * | 2005-10-11 | 2011-06-07 | Chang Gung University | User authentication based on asymmetric cryptography utilizing RSA with personalized secret |
US8381297B2 (en) * | 2005-12-13 | 2013-02-19 | Yoggie Security Systems Ltd. | System and method for providing network security to mobile devices |
US7716240B2 (en) * | 2005-12-29 | 2010-05-11 | Nextlabs, Inc. | Techniques and system to deploy policies intelligently |
EP1982288A2 (en) * | 2006-01-26 | 2008-10-22 | Imprivata, Inc. | Systems and methods for multi-factor authentication |
US20090271863A1 (en) * | 2006-01-30 | 2009-10-29 | Sudhakar Govindavajhala | Identifying unauthorized privilege escalations |
US8332627B1 (en) * | 2006-02-08 | 2012-12-11 | Cisco Technology, Inc. | Mutual authentication |
US7331518B2 (en) * | 2006-04-04 | 2008-02-19 | Factortrust, Inc. | Transaction processing systems and methods |
US20070250914A1 (en) * | 2006-04-19 | 2007-10-25 | Avaya Technology Llc | Method and system for resetting secure passwords |
US7571471B2 (en) * | 2006-05-05 | 2009-08-04 | Tricipher, Inc. | Secure login using a multifactor split asymmetric crypto-key with persistent key security |
US7793110B2 (en) * | 2006-05-24 | 2010-09-07 | Palo Alto Research Center Incorporated | Posture-based data protection |
JP2008011512A (ja) * | 2006-06-01 | 2008-01-17 | Canon Inc | データ処理装置、データ記憶装置およびそれらのデータ処理方法 |
US7592906B1 (en) * | 2006-06-05 | 2009-09-22 | Juniper Networks, Inc. | Network policy evaluation |
US20070284429A1 (en) * | 2006-06-13 | 2007-12-13 | Microsoft Corporation | Computer component recognition and setup |
JP4452702B2 (ja) * | 2006-06-21 | 2010-04-21 | 株式会社日立国際電気 | 映像配信システム |
US7623877B2 (en) * | 2006-07-28 | 2009-11-24 | Research In Motion Limited | Limited lifespan for outgoing data at a mobile device |
US8689287B2 (en) * | 2006-08-17 | 2014-04-01 | Northrop Grumman Systems Corporation | Federated credentialing system and method |
US7961645B2 (en) * | 2006-08-23 | 2011-06-14 | Computer Associates Think, Inc. | Method and system for classifying devices in a wireless network |
US8938615B2 (en) * | 2006-09-08 | 2015-01-20 | Ceritcom Corp. | System and method for authenticating radio frequency identification (RFID) tags |
US8538028B2 (en) * | 2006-11-20 | 2013-09-17 | Toposis Corporation | System and method for secure electronic communication services |
US20080120411A1 (en) * | 2006-11-21 | 2008-05-22 | Oliver Eberle | Methods and System for Social OnLine Association and Relationship Scoring |
US8245281B2 (en) * | 2006-12-29 | 2012-08-14 | Aruba Networks, Inc. | Method and apparatus for policy-based network access control with arbitrary network access control frameworks |
KR20080084480A (ko) * | 2007-03-16 | 2008-09-19 | 삼성전자주식회사 | 매개 모듈을 이용한 디바이스간의 상호 인증 방법 및 그시스템 |
US8533841B2 (en) * | 2007-04-02 | 2013-09-10 | Microsoft Corporation | Deriving remediations from security compliance rules |
GB2449510A (en) * | 2007-05-24 | 2008-11-26 | Asim Bucuk | A method and system for the creation, management and authentication of links between people, entities, objects and devices |
US8233624B2 (en) * | 2007-05-25 | 2012-07-31 | Splitstreem Oy | Method and apparatus for securing data in a memory device |
KR100869246B1 (ko) * | 2007-07-10 | 2008-11-18 | 한국전자통신연구원 | 이동통신망에서의 이동단말 디바이스 프로파일 정보 관리 방법 |
WO2009015671A1 (en) * | 2007-07-31 | 2009-02-05 | Sony Corporation | Automatically protecting computer systems from attacks that exploit security vulnerabilities |
US20090055906A1 (en) * | 2007-08-20 | 2009-02-26 | Infineon Technologies Ag | Method and apparatus for embedded memory security |
US8010779B2 (en) * | 2007-09-19 | 2011-08-30 | Novell Inc. | Techniques for secure network searching |
GB2454204A (en) * | 2007-10-31 | 2009-05-06 | Nec Corp | Core network selecting security algorithms for use between a base station and a user device |
EP2232765B1 (fr) * | 2008-01-11 | 2020-03-04 | Orange | Procede et entite de chiffrement symetrique probabiliste |
JP5400301B2 (ja) * | 2008-01-23 | 2014-01-29 | インターナショナル・ビジネス・マシーンズ・コーポレーション | 認証サーバ装置、認証方法、及び認証プログラム |
US8499149B2 (en) * | 2008-02-20 | 2013-07-30 | Hewlett-Packard Development Company, L.P. | Revocation for direct anonymous attestation |
US8136148B1 (en) * | 2008-04-09 | 2012-03-13 | Bank Of America Corporation | Reusable authentication experience tool |
US20090300714A1 (en) * | 2008-05-27 | 2009-12-03 | Open Invention Network Llc | Privacy engine and method of use in a user-centric identity management system |
US8418168B2 (en) * | 2008-05-29 | 2013-04-09 | Research In Motion Limited | Method and system for performing a software upgrade on an electronic device connected to a computer |
US7522723B1 (en) * | 2008-05-29 | 2009-04-21 | Cheman Shaik | Password self encryption method and system and encryption by keys generated from personal secret information |
US8539544B2 (en) * | 2008-05-30 | 2013-09-17 | Motorola Mobility Llc | Method of optimizing policy conformance check for a device with a large set of posture attribute combinations |
US8355337B2 (en) * | 2009-01-28 | 2013-01-15 | Headwater Partners I Llc | Network based service profile management with user preference, adaptive policy, network neutrality, and user privacy |
US8745703B2 (en) * | 2008-06-24 | 2014-06-03 | Microsoft Corporation | Identifying exploitation of vulnerabilities using error report |
US9130757B2 (en) * | 2008-08-11 | 2015-09-08 | International Business Machines Corporation | Method for authenticated communication in dynamic federated environments |
US20100042954A1 (en) * | 2008-08-12 | 2010-02-18 | Apple Inc. | Motion based input selection |
US8522010B2 (en) * | 2008-10-20 | 2013-08-27 | Microsoft Corporation | Providing remote user authentication |
US8612305B2 (en) * | 2008-10-31 | 2013-12-17 | Visa International Service Association | User enhanced authentication system for online purchases |
US9443084B2 (en) * | 2008-11-03 | 2016-09-13 | Microsoft Technology Licensing, Llc | Authentication in a network using client health enforcement framework |
US8189789B2 (en) * | 2008-11-03 | 2012-05-29 | Telcordia Technologies, Inc. | Intrusion-tolerant group management for mobile ad-hoc networks |
US8244643B2 (en) * | 2008-11-08 | 2012-08-14 | Fonwallet Transaction Solutions, Inc. | System and method for processing financial transaction data using an intermediary service |
US8245044B2 (en) * | 2008-11-14 | 2012-08-14 | Visa International Service Association | Payment transaction processing using out of band authentication |
US8151333B2 (en) * | 2008-11-24 | 2012-04-03 | Microsoft Corporation | Distributed single sign on technologies including privacy protection and proactive updating |
AU2009323748B2 (en) * | 2008-12-03 | 2015-07-02 | Entersekt International Limited | Secure transaction authentication |
US20100180001A1 (en) * | 2009-01-11 | 2010-07-15 | Dick Clarence Hardt | Contextual messaging and notification system |
US8161527B2 (en) * | 2009-01-23 | 2012-04-17 | Edward Curren | Security Enhanced Data Platform |
US8335933B2 (en) * | 2009-02-13 | 2012-12-18 | Microsoft Corporation | Two-party storage of encrypted sensitive information |
US8548426B2 (en) * | 2009-02-20 | 2013-10-01 | Boku, Inc. | Systems and methods to approve electronic payments |
US8713329B2 (en) * | 2009-02-26 | 2014-04-29 | Red Hat, Inc. | Authenticated secret sharing |
US8340635B2 (en) * | 2009-03-16 | 2012-12-25 | Apple Inc. | Capability model for mobile devices |
DE102009022233A1 (de) * | 2009-05-20 | 2010-11-25 | Feustel, Dietmar | Verwendung einer Zeichenkette in Sytemen der Kryptographie, der Statistik, der Simulation, der Randomisierung, von Spielautomaten und dgl. |
US8528039B2 (en) * | 2009-11-04 | 2013-09-03 | Verizon Patent And Licensing Inc. | System for and method of set-top box memory monitoring |
US9479509B2 (en) * | 2009-11-06 | 2016-10-25 | Red Hat, Inc. | Unified system for authentication and authorization |
US8397301B2 (en) * | 2009-11-18 | 2013-03-12 | Lookout, Inc. | System and method for identifying and assessing vulnerabilities on a mobile communication device |
US8484708B2 (en) * | 2009-12-11 | 2013-07-09 | Canon Kabushiki Kaisha | Delegating authentication using a challenge/response protocol |
US8458798B2 (en) * | 2010-03-19 | 2013-06-04 | Aspect Security Inc. | Detection of vulnerabilities in computer systems |
US8495720B2 (en) * | 2010-05-06 | 2013-07-23 | Verizon Patent And Licensing Inc. | Method and system for providing multifactor authentication |
US8966587B2 (en) * | 2010-06-03 | 2015-02-24 | Qualcomm Incorporated | Identity management via cloud |
CN103370688B (zh) * | 2010-07-29 | 2016-11-09 | 尼尔默尔·朱萨尼 | 一种由简单用户密码生成多因素个性化服务器强密钥的***及其方法 |
US8737623B2 (en) * | 2010-09-13 | 2014-05-27 | Magtek, Inc. | Systems and methods for remotely loading encryption keys in a card reader systems |
US8719930B2 (en) * | 2010-10-12 | 2014-05-06 | Sonus Networks, Inc. | Real-time network attack detection and mitigation infrastructure |
US8646086B2 (en) * | 2010-11-22 | 2014-02-04 | International Business Machines Corporation | Image vulnerability repair in a networked computing environment |
US8510820B2 (en) * | 2010-12-02 | 2013-08-13 | Duo Security, Inc. | System and method for embedded authentication |
CN102625300B (zh) * | 2011-01-28 | 2015-07-08 | 华为技术有限公司 | 密钥生成方法和设备 |
US9154387B2 (en) * | 2011-01-30 | 2015-10-06 | Blue Coat Systems, Inc. | System and method for distributed data collection and heuristic refinement in a network intermediary device |
US9071611B2 (en) * | 2011-02-23 | 2015-06-30 | Cisco Technology, Inc. | Integration of network admission control functions in network access devices |
US8806609B2 (en) * | 2011-03-08 | 2014-08-12 | Cisco Technology, Inc. | Security for remote access VPN |
US8891772B2 (en) * | 2011-06-17 | 2014-11-18 | Microsoft Corporation | Cloud key escrow system |
US8850516B1 (en) * | 2011-06-22 | 2014-09-30 | Emc Corporation | Virtual private cloud that provides enterprise grade functionality and compliance |
US8732475B2 (en) * | 2011-08-17 | 2014-05-20 | Comcast Cable Communication, Llc | Authentication and binding of multiple devices |
US20130044882A1 (en) * | 2011-08-19 | 2013-02-21 | International Business Machines Corporation | Enhancing provisioning for keygroups using key management interoperability protocol (KMIP) |
US8627438B1 (en) * | 2011-09-08 | 2014-01-07 | Amazon Technologies, Inc. | Passwordless strong authentication using trusted devices |
US8843914B1 (en) * | 2011-09-19 | 2014-09-23 | Amazon Technologies, Inc. | Distributed update service |
US8756651B2 (en) * | 2011-09-27 | 2014-06-17 | Amazon Technologies, Inc. | Policy compliance-based secure data access |
US8763077B2 (en) * | 2011-10-07 | 2014-06-24 | Duo Security, Inc. | System and method for enforcing a policy for an authenticator device |
US8756567B2 (en) * | 2011-10-14 | 2014-06-17 | Sap Ag | Profile based version comparison |
US8601554B2 (en) * | 2011-11-09 | 2013-12-03 | Microsoft Corporation | Home realm discovery in mixed-mode federated realms |
US8595822B2 (en) * | 2011-12-29 | 2013-11-26 | Mcafee, Inc. | System and method for cloud based scanning for computer vulnerabilities in a network environment |
US8984276B2 (en) * | 2012-01-10 | 2015-03-17 | Jpmorgan Chase Bank, N.A. | System and method for device registration and authentication |
US9668137B2 (en) * | 2012-03-07 | 2017-05-30 | Rapid7, Inc. | Controlling enterprise access by mobile devices |
CN104246808A (zh) * | 2012-03-30 | 2014-12-24 | 英特尔公司 | 客户端安全评分 |
CA2873695C (en) * | 2012-04-01 | 2019-10-01 | Authentify, Inc. | Secure authentication in a multi-party system |
US9223961B1 (en) * | 2012-04-04 | 2015-12-29 | Symantec Corporation | Systems and methods for performing security analyses of applications configured for cloud-based platforms |
US8667288B2 (en) * | 2012-05-29 | 2014-03-04 | Robert Bosch Gmbh | System and method for message verification in broadcast and multicast networks |
US9110754B2 (en) * | 2012-05-31 | 2015-08-18 | Microsoft Technology Licensing, Llc | Computing device update control |
US8949596B2 (en) * | 2012-07-10 | 2015-02-03 | Verizon Patent And Licensing Inc. | Encryption-based session establishment |
US8756698B2 (en) * | 2012-08-10 | 2014-06-17 | Nopsec Inc. | Method and system for managing computer system vulnerabilities |
US9049011B1 (en) * | 2012-08-15 | 2015-06-02 | Washington State University | Secure key storage and distribution |
US9386003B2 (en) * | 2012-08-16 | 2016-07-05 | Tango Mobile, LLC | System and method for secure transactions |
US8539567B1 (en) * | 2012-09-22 | 2013-09-17 | Nest Labs, Inc. | Multi-tiered authentication methods for facilitating communications amongst smart home devices and cloud-based servers |
US20140156473A1 (en) * | 2012-12-05 | 2014-06-05 | Bank Of America Corporation | Surcharge compliance registry |
US9253185B2 (en) * | 2012-12-12 | 2016-02-02 | Nokia Technologies Oy | Cloud centric application trust validation |
ES2816324T3 (es) * | 2012-12-21 | 2021-04-05 | Nagravision Sa | Método que usa un único dispositivo de autenticación para autenticar a un usuario a un proveedor de servicios entre una pluralidad de proveedores de servicios y dispositivo para realizar dicho método |
US8612470B1 (en) * | 2012-12-28 | 2013-12-17 | Dropbox, Inc. | Application recommendation using stored files |
US9124582B2 (en) * | 2013-02-20 | 2015-09-01 | Fmr Llc | Mobile security fob |
US8893230B2 (en) * | 2013-02-22 | 2014-11-18 | Duo Security, Inc. | System and method for proxying federated authentication protocols |
US9338156B2 (en) * | 2013-02-22 | 2016-05-10 | Duo Security, Inc. | System and method for integrating two-factor authentication in a device |
US9430938B2 (en) * | 2013-03-04 | 2016-08-30 | Hello Inc. | Monitoring device with selectable wireless communication |
US9225840B2 (en) * | 2013-06-19 | 2015-12-29 | Twilio, Inc. | System and method for providing a communication endpoint information service |
ES2765892T3 (es) * | 2013-06-26 | 2020-06-11 | Nokia Technologies Oy | Métodos y aparatos para generar claves en las comunicaciones de dispositivo a dispositivo |
US9122888B2 (en) * | 2013-07-22 | 2015-09-01 | Dell Products, Lp | System and method to create resilient site master-key for automated access |
US8646060B1 (en) * | 2013-07-30 | 2014-02-04 | Mourad Ben Ayed | Method for adaptive authentication using a mobile device |
WO2015013964A1 (en) * | 2013-08-01 | 2015-02-05 | Nokia Corporation | Methods, apparatuses and computer program products for fast handover |
CN105409263B (zh) * | 2013-08-08 | 2019-04-19 | 诺基亚技术有限公司 | 用于代理算法标识选择的方法和装置 |
US9391980B1 (en) * | 2013-11-11 | 2016-07-12 | Google Inc. | Enterprise platform verification |
US9135458B1 (en) * | 2014-02-23 | 2015-09-15 | Aitheras, LLC. | Secure file transfer systems and methods |
WO2016105591A1 (en) * | 2014-12-22 | 2016-06-30 | University Of South Florida | Systems and methods for authentication using multiple devices |
US9641341B2 (en) * | 2015-03-31 | 2017-05-02 | Duo Security, Inc. | Method for distributed trust authentication |
US9906505B2 (en) * | 2015-05-08 | 2018-02-27 | Nxp B.V. | RSA decryption using multiplicative secret sharing |
US9800418B2 (en) * | 2015-05-26 | 2017-10-24 | Infosec Global Inc. | Signature protocol |
-
2016
- 2016-10-18 GB GBGB1617620.8A patent/GB201617620D0/en not_active Ceased
-
2017
- 2017-10-09 JP JP2019521726A patent/JP7091322B2/ja active Active
- 2017-10-09 WO PCT/IB2017/056222 patent/WO2018073685A1/en unknown
- 2017-10-09 EP EP17787028.4A patent/EP3529948B1/en active Active
- 2017-10-09 US US16/342,473 patent/US11251970B2/en active Active
- 2017-10-18 EE EEP201700036A patent/EE201700036A/et unknown
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006333520A (ja) | 1995-06-05 | 2006-12-07 | Certco Inc | マルチステップディジタル署名方法およびそのシステム |
JP2010239662A (ja) | 1996-10-30 | 2010-10-21 | Fujitsu Ltd | ネットワーク環境における取り引き証明装置 |
US20110264917A1 (en) | 2008-10-22 | 2011-10-27 | Paycool International Ltd. | Method for two step digital signature |
US20120198228A1 (en) | 2010-12-20 | 2012-08-02 | Jon Oberheide | System and method for digital user authentication |
Also Published As
Publication number | Publication date |
---|---|
JP2019537349A (ja) | 2019-12-19 |
WO2018073685A1 (en) | 2018-04-26 |
EP3529948A1 (en) | 2019-08-28 |
EE201700036A (et) | 2018-06-15 |
US20200044861A1 (en) | 2020-02-06 |
EP3529948B1 (en) | 2020-07-22 |
US11251970B2 (en) | 2022-02-15 |
GB201617620D0 (en) | 2016-11-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11184157B1 (en) | Cryptographic key generation and deployment | |
JP7091322B2 (ja) | 複合デジタル署名 | |
US10277395B2 (en) | Cryptographic key-generation with application to data deduplication | |
US9698985B2 (en) | Authentication | |
US7516321B2 (en) | Method, system and device for enabling delegation of authority and access control methods based on delegated authority | |
US8429408B2 (en) | Masking the output of random number generators in key generation protocols | |
US7899184B2 (en) | Ends-messaging protocol that recovers and has backward security | |
JP2020531893A (ja) | 閾値デジタル署名方法及びシステム | |
US8971540B2 (en) | Authentication | |
US9531540B2 (en) | Secure token-based signature schemes using look-up tables | |
US9106644B2 (en) | Authentication | |
US20140173274A1 (en) | Credential validation | |
WO2019110399A1 (en) | Two-party signature device and method | |
KR100989185B1 (ko) | Rsa기반 패스워드 인증을 통한 세션키 분배방법 | |
CN107395627B (zh) | 一种基于单向函数的轻量级认证协议 | |
Pu et al. | Post quantum fuzzy stealth signatures and applications | |
CN110557247A (zh) | 基于身份的抗量子计算区块链方法和*** | |
WO2019056103A1 (en) | SUPERSINGULAR ELLIPTICAL CURVED CRYPTOGRAPH KEY AGREEMENT SCHEME WITH THREE PARTS | |
JP4307589B2 (ja) | 認証プロトコル | |
EP3166013B1 (en) | Modular exponentiation using randomized addition chains | |
TWI381696B (zh) | 基於利用個人化秘密的rsa非對稱式密碼學之使用者認證 | |
WO2009090519A1 (en) | Efficient reconstruction of a public key from an implicit certificate | |
Duc et al. | DiAE: Re-rolling the DiSE | |
JP5392741B2 (ja) | Rsaをベースとしたパスワード認証方式及びその応用 | |
Buop | Data storage security for cloud computing using elliptic curve cryptography |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20200817 |
|
A977 | Report on retrieval |
Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20210818 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20210921 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20211221 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20220524 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20220615 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 7091322 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |