Abstract:
PROBLEM TO BE SOLVED: To provide a method for verifying anonymous payment by defined parties (I, V) in a communication system to provide a public key base. SOLUTION: This method includes (a) a step of receiving an adequacy inspection message including a customer secret key, a customer certificate, at least one customer attribute, a certification signature taken from a coded payment message, and generated by a customer party, and the coded payment message from a retailer party, (b) a step of verifying the adequacy of the certification signature based on an issuance public key, a verification public key, and the coded payment message, (c) a step of decoding at least part of the coded payment message based on a verification secret key corresponding to the verification public key, and obtaining customer information related to at least one customer attribute, and a step of using the obtained customer information to initially set the permission of payment when the certification signature is adequate. COPYRIGHT: (C)2004,JPO
Abstract:
A method, a system and a computer program for changing an encryption key of data encrypted by a first key and stored on an archive server (40), wherein a conversion is applied to the data, generating recrypted data decryptable by means of a second key, the conversion being generated on a second server (30) and associated with the first key and the second key via a functional operation and transferred from the second server (30) to the archive server (40) via a transfer channel (38).
Abstract:
The presented methods form the basis of a forward-secure signature scheme that is provably secure. Moreover, the presented methods also form the basis of a fine-grained forward-secure signature scheme that is secure and efficient. The scheme allows an immediate reaction to hacker break-ins such that signatures from the past still remain valid without re-issuing them and future signature values based on an exposed key can be identified accordingly. In general, each prepared signature carries an ascending index such that once an index is used, no lower index can be used to sign. Then, whenever an adversary breaks in, an honest signer can just announce the current index, e.g., by signing some special message with respect to the current index, as part of the revocation message for the current time period. It is then understood that all signatures made in prior time periods as well as all signatures made in the revoked period up to the announced index are valid, i.e., non-repudiable.
Abstract:
Methods and apparatus are provided for attesting the configuration of a computing platform (1) to a verifier (3). A signature key (SK) is bound to the platform (1) and bound to a defined configuration of the platform (1). A credential (C(SK), CDAA(SK)) for the signature key (SK) is obtained from an evaluator (2). This credential (C(SK), CDAA(SK)) certifies that the signature key (SK) is bound to an unspecified trusted platform configuration. The platform (1) can then demonstrate to the verifier (3) the ability to sign a challenge from the verifier (3) using the signature key (SK), and demonstrate possession of the credential (C(SK), CDAA(SK)) to the verifier (3), thereby attesting that the platform (1) has a trusted configuration without disclosing the platform configuration to the verifier (3). The ability to sign the challenge may be demonstrated by returning the signed challenge to the verifier (3), and possession of the credential may similarly be demonstrated by sending the credential C(SK) to the verifier (3). Alternatively, the credential may be an anonymous credential CDAA(SK) bound to a public key of the signature key (SK). In this case, possession of the credential CDAA(SK), and the ability to sign the challenge, can be demonstrated without actually disclosing the credential or the public key of the signature key (SK) to the verifier (3). Corresponding methods and apparatus relating to operation of an evaluator (2) and verifier (3) in the attestation process are also provided.
Abstract:
The invention relates to a method for providing an assertion message (200) from a proving party (20) to a relying party (40), the method comprising the steps of:
- creating an assertion (A) comprising one or more statements,
- creating an assertion proof (PA),
- creating a temporary private key and a corresponding temporary public key (K) from the assertion (A) and the assertion proof (PA),
- creating a key proof (PK) for the temporary public key (K),
- creating an assertion message signature (S) by means of the temporary private key,
- creating the assertion message (200) comprising the temporary public key (K), the assertion proof (PA), the key proof (PK), the assertion (A), a message body (220) and the assertion message signature (S) to the relying party (40).
Abstract:
The present invention discloses a method for generating and verifying a user attestation-signature value (DAA') and issuing an attestation value (cert) for the generation of the user attestation-signature value (DAA'). Further, the invention is related to a system for using a user attestation-signature value (DAA') that corresponds to at least one attribute (A, B, C, D), each with an attribute value (w, x, y, z), none, one or more of the attribute values (x, y) remaining anonymous for transactions, the system comprising: a user device (20) having a security module (22) that provides a module public key (PKTPM) and a security module attestation value (DAA), the user device (20) providing a user public key (PKUC) that inherently comprises none, one, or more user determined attribute value (x, y) and a proof value demonstrating that the user public key (PKUC) is validly derived from the module public key (PKTPM) of the security module (22); an attester computer (30) that provides none, one, or more attester determined attribute value (w, z) and an attestation value (cert) that bases on an attester secret key (SKAC), the user public key (PKUC), and an anonymous attribute value (w, z); and a verification computer (40) for verifying whether or not (i) the user attestation-signature value (DAA') was validly derived from the security module attestation value (DAA) provided by the security module (22) and the attestation value (cert), and (ii) the attestation value (cert) is associated with a subset (B, D) of at least one attribute, each attribute in the subset (B, D) having a revealed attribute value (x, z).
Abstract:
Methods for producing an authenticated packaged product are provided. The method comprises providing a security code on the product that encodes security data for the product, packing the product in packaging, and providing on the packaging a label containing encrypted product data. The product data comprise the security data for the product. The method further comprises storing a decryption key for the encrypted product data on a network server and providing access data on the packaging for accessing the decryption key on the network server. Corresponding methods and systems for verifying the authenticity of such an authenticated packaged product are provided.
Abstract:
The invention provides a method and system for securely processing an originator request of a customer. This originator request can be sent to at least one first entity. The method for processing the originator request comprises the steps of a) sending from the customer the originator request to the or each first entity; b) connecting the or each first entity to a computation entity; c) adding by the or each first entity, on receipt of the originator request, information concerning the originator request thereby forming a first-modified request; d) sending at least part of the first-modified request to at least the computation entity; e) having received at least part of the first-modified request by the computation entity deriving a computation-entity result from the at least part of the first-modified request; f) sending at least part of the computation-entity result to the or each first entity; g) having received at least part of the computation-entity result by the or each first entity deriving therefrom a first-entity result and forwarding it at least in part; and h) having received at least part of the first-entity result by the customer deriving therefrom a customer result.
Abstract:
The invention relates to a computer implemented method, a computer system and a computer program for privacy enhanced comparison of a plurality of data sets. The method comprises the steps of: - allocating a private encryption key to each of the data sets, - an encryption step being performed for each of the data sets, the encryption step comprising generating a commutatively encrypted data set of the respective data set, wherein the commutatively encrypted data sets are generated by successively applying a keyed commutative encryption function on the respective data set with the private encryption key of the respective data set itself and with the private encryption keys of the other data sets, - comparing the commutatively encrypted data sets.
Abstract:
The present invention discloses a method and system for maintaining privacy for transactions performable by a user device having a security module with a privacy certification authority and a verifier. The system comprises an issuer providing an issuer public key PKI; a user device having a security module for generating a first set of attestation-signature values DAA1; a privacy certification authority computer for providing an authority public key PKPCA and issuing second attestation values AV2; and a verification computer for checking the validity of the first set of attestation-signature values DAA1 with the issuer public key PKI and the validity of a second set of attestation-signature values DAA2 with the authority public key PKPCA, the second set of attestation-signature values DAA2 being derivable by the user device 20 from the second attestation values AV2, wherein it is verifiable that the two sets of attestation-signature values DAA1, DAA2 relate to the user device.