WO2006066142A3 - Use of modular roots to perform authentication including authentication of validity of digital certificates - Google Patents


Publication number
WO2006066142A3
Authority
WO
WIPO (PCT)
Prior art keywords
elements
property
authentication
data
possessing
Prior art date
Application number
PCT/US2005/045796
Other languages
French (fr)
Other versions
WO2006066142A2 (en)
Inventor
Zulfikar Amin Ramzan
Craig B Gentry
Bernhard Bruhn
Original Assignee
Ntt Docomo Inc
Zulfikar Amin Ramzan
Craig B Gentry
Bernhard Bruhn
Priority date
Filing date
Publication date
Application filed by Ntt Docomo Inc, Zulfikar Amin Ramzan, Craig B Gentry, Bernhard Bruhn
Priority to EP05854498A (EP1825377A4)
Priority to JP2007546971A (JP2008524930A)
Publication of WO2006066142A2
Publication of WO2006066142A3

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/30 Compression, e.g. Merkle-Damgard construction
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless

Abstract

Authentication of elements (e.g. digital certificates 140) as possessing a pre-specified property (e.g. being valid) or not possessing the property is performed by (1) assigning a distinct integer p_i to each element, and (2) accumulating the elements possessing the property or the elements not possessing the property using a P-th root u^(1/P) (mod n) of an integer u modulo a predefined composite integer n, where P is the product of the integers associated with the accumulated elements. Alternatively, authentication is performed without such accumulators but using witnesses associated with such accumulators. The witnesses are used to derive encryption and/or decryption keys for encrypting the data evidencing possession of the property for multiple periods of time. The encrypted data are distributed in advance. For each period of time, decryption keys are released which are associated with that period and with the elements to be authenticated in that period of time. Authentication can be performed by accumulating elements into data which are a function of each element but whose size does not depend on the number of elements, and transmitting the accumulator data over a network to a computer system which de-accumulates some elements as needed to re-transmit only data associated with elements needed by other computer systems. This technique is suitable to facilitate distribution of accumulator data in networks such as ad hoc networks.
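
The root accumulator and the de-accumulation step described in the abstract, as an added illustration that is not code from the patent or its authors. The toy modulus, the base u = 3, the certificate names, the small primes used as the integers p_i, and all function names are assumptions made for this sketch.

```python
from math import gcd, prod

# Toy modulus (constructed; far too small for real use). Both factors are
# Mersenne primes; only the certification authority (CA) knows them.
_P, _Q = 2**31 - 1, 2**61 - 1
N = _P * _Q
PHI = (_P - 1) * (_Q - 1)    # CA trapdoor, needed to take roots modulo n
U = 3                        # public base u, coprime to n

# Constructed mapping certificate -> distinct integer p_i (small primes here).
CERT_INT = {"cert-A": 17, "cert-B": 19, "cert-C": 23, "cert-D": 29}


def accumulate(ints):
    """CA side: return u^(1/P) mod n, where P is the product of `ints`."""
    P = prod(ints)
    if gcd(P, PHI) != 1:
        raise ValueError("P must be invertible modulo phi(n)")
    return pow(U, pow(P, -1, PHI), N)


def deaccumulate(acc, ints_to_remove):
    """Anyone: strip elements from an accumulator without the trapdoor.

    (u^(1/P))^r = u^(1/(P/r)) when r divides P, so raising to the product of
    the unwanted integers leaves an accumulator over the remaining ones.
    """
    return pow(acc, prod(ints_to_remove), N)


def witness_for(acc, accumulated, cert):
    """De-accumulate every element except `cert`, leaving u^(1/p_i)."""
    others = [CERT_INT[c] for c in accumulated if c != cert]
    return deaccumulate(acc, others)


def verify(witness, p_i):
    """Verifier: a witness for p_i must be a p_i-th root of u modulo n."""
    return pow(witness, p_i, N) == U % N


def demo():
    valid = ["cert-A", "cert-B", "cert-C"]           # cert-D is revoked
    acc = accumulate([CERT_INT[c] for c in valid])   # size independent of count
    w_a = witness_for(acc, valid, "cert-A")
    # A relay that only serves cert-A and cert-B drops cert-C before forwarding.
    relayed = deaccumulate(acc, [CERT_INT["cert-C"]])
    return {
        "valid_ok": verify(w_a, CERT_INT["cert-A"]),
        "revoked_ok": verify(w_a, CERT_INT["cert-D"]),
        "all_valid_ok": all(
            verify(witness_for(acc, valid, c), CERT_INT[c]) for c in valid
        ),
        "subset_matches": relayed
        == accumulate([CERT_INT["cert-A"], CERT_INT["cert-B"]]),
    }


if __name__ == "__main__":
    print(demo())
```

Taking the root needs the factorisation of n, so only the CA can add elements, while removing elements needs only public exponentiation. That asymmetry is what lets an intermediate node re-transmit a smaller accumulator.
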
PCT/US2005/045796 2004-12-17 2005-12-16 Use of modular roots to perform authentication including authentication of validity of digital certificates WO2006066142A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP05854498A EP1825377A4 (en) 2004-12-17 2005-12-16 Use of modular roots to perform authentication including, but not limited to, authentication of validity of digital certificates
JP2007546971A JP2008524930A (en) 2004-12-17 2005-12-16 Use of modular routes to perform authentication, including but not limited to authenticating the validity of digital certificates

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US63717704P 2004-12-17 2004-12-17
US60/637,177 2004-12-17
US11/304,200 US7266692B2 (en) 2004-12-17 2005-12-15 Use of modular roots to perform authentication including, but not limited to, authentication of validity of digital certificates
US11/304,200 2005-12-15

Publications (2)

Publication Number Publication Date
WO2006066142A2 (en) 2006-06-22
WO2006066142A3 (en) 2007-12-21

Family

ID=36588615

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2005/045796 WO2006066142A2 (en) 2004-12-17 2005-12-16 Use of modular roots to perform authentication including authentication of validity of digital certificates

Country Status (4)

Country Link
US (5) US7266692B2 (en)
EP (1) EP1825377A4 (en)
JP (1) JP2008524930A (en)
WO (1) WO2006066142A2 (en)

Families Citing this family (36)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8239917B2 (en) * 2002-10-16 2012-08-07 Enterprise Information Management, Inc. Systems and methods for enterprise security with collaborative peer to peer architecture
US7840806B2 (en) * 2002-10-16 2010-11-23 Enterprise Information Management, Inc. System and method of non-centralized zero knowledge authentication for a computer network
US7266692B2 (en) * 2004-12-17 2007-09-04 Ntt Docomo, Inc. Use of modular roots to perform authentication including, but not limited to, authentication of validity of digital certificates
EP1938203B1 (en) * 2005-02-26 2019-04-24 Unium Inc. Naming system layer
US8874477B2 (en) 2005-10-04 2014-10-28 Steven Mark Hoffberg Multifactorial optimization system and method
US20070168297A1 (en) * 2006-01-18 2007-07-19 Cheng Siu L Efficient method and system for secure business-to-business transaction
CN101421973B (en) * 2006-04-12 2014-01-29 艾利森电话股份有限公司 Method and device for plural telecommunications functions having sharing transaction(s)
IL178488A0 (en) * 2006-10-05 2008-01-20 Nds Ltd Improved key production system
ES2568661T3 (en) * 2006-11-07 2016-05-03 Security First Corp. Systems and methods to distribute and guarantee data
TWI340354B (en) * 2006-12-14 2011-04-11 Inst Information Industry System, method, and computer readable medium for micropayment with varying denomination
KR101301775B1 (en) * 2007-01-31 2013-09-02 삼성전자주식회사 Method for executing distributed verification for measured data in sensor network and system for executing the method
FR2913154A1 (en) * 2007-02-28 2008-08-29 France Telecom Identity based cryptographic method for encrypting and decrypting e.g. electronic message, involves encrypting message using symmetric encryption key and broadcasting cryptogram and encrypted message from transmitting entity
US9497028B1 (en) 2007-05-03 2016-11-15 Google Inc. System and method for remote storage auditing
KR101638432B1 (en) * 2007-05-18 2016-07-12 씨큐어 키즈 피티와이 리미티드 A security token and system and method for generating and decoding the security token
EP1998491A1 (en) * 2007-05-31 2008-12-03 Thomson Licensing Method for calculating compressed RSA moduli
JP4988448B2 (en) * 2007-06-25 2012-08-01 株式会社日立製作所 Batch verification apparatus, program, and batch verification method
US8538014B2 (en) * 2008-05-12 2013-09-17 Oracle America, Inc. Fast computation of one-way hash sequences
US20090285387A1 (en) * 2008-05-15 2009-11-19 Chiou-Haun Lee Symmetric encryption/decryption method of variable length and application thereof
US9130757B2 (en) * 2008-08-11 2015-09-08 International Business Machines Corporation Method for authenticated communication in dynamic federated environments
US8521697B2 (en) * 2010-05-19 2013-08-27 Cleversafe, Inc. Rebuilding data in multiple dispersed storage networks
EP2636233A4 (en) * 2010-11-05 2017-06-14 Nokia Technologies Oy Method and apparatus for providing efficient management of certificate revocation
US8839381B2 (en) 2010-12-07 2014-09-16 Microsoft Corporation Revoking delegatable anonymous credentials
FR2969879A1 (en) * 2010-12-23 2012-06-29 France Telecom ANONYMOUS ACCESS TO SERVICE WITH AGREGATE CERTIFICATES
EP2705629A4 (en) * 2011-05-06 2015-07-29 Certicom Corp Validating a batch of implicit certificates
US9425967B2 (en) * 2013-03-20 2016-08-23 Industrial Technology Research Institute Method for certificate generation and revocation with privacy preservation
EP2843587A1 (en) * 2013-08-27 2015-03-04 OpenLimit SignCubes AG Method for generating evidence-data for a long-term data storage system for datasets
MY169097A (en) * 2014-10-01 2019-02-18 Mimos Berhad Method for secure network establishment via authentication of single-use passwords with counter measures against password replay
US10333696B2 (en) 2015-01-12 2019-06-25 X-Prime, Inc. Systems and methods for implementing an efficient, scalable homomorphic transformation of encrypted data with minimal data expansion and improved processing efficiency
RU2018137847A (en) * 2016-03-29 2020-04-29 Конинклейке Филипс Н.В. SYSTEM AND METHOD FOR DISTRIBUTION OF KEY MATERIAL AND CERTIFICATE BASED ON IDENTIFICATION INFORMATION
WO2017201406A1 (en) * 2016-05-19 2017-11-23 Arris Enterprises Llc Implicit rsa certificates
US10374809B1 (en) * 2016-12-13 2019-08-06 Amazon Technologies, Inc. Digital signature verification for asynchronous responses
CN107592293A (en) * 2017-07-26 2018-01-16 阿里巴巴集团控股有限公司 The means of communication, digital certificate management method, device and electronic equipment between block chain node
WO2019152994A1 (en) * 2018-02-05 2019-08-08 Lg Electronics, Inc. Cryptographic methods and systems using blinded activation codes for digital certificate revocation
US11005654B2 (en) 2019-05-14 2021-05-11 Google Llc Outsourcing exponentiation in a private group
CN110135909A (en) * 2019-05-15 2019-08-16 山东工商学院 Data processing method, system, equipment and storage medium based on zero-knowledge proof
US10848481B1 (en) * 2019-05-17 2020-11-24 The Florida International University Board Of Trustees Systems and methods for revocation management in an AMI network

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4914698A (en) * 1988-03-16 1990-04-03 David Chaum One-show blind signature systems
US5793868A (en) * 1996-08-29 1998-08-11 Micali; Silvio Certificate revocation system

Family Cites Families (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4748668A (en) * 1986-07-09 1988-05-31 Yeda Research And Development Company Limited Method, apparatus and article for identification and signature
US5140634A (en) * 1987-09-07 1992-08-18 U.S Philips Corporation Method and apparatus for authenticating accreditations and for authenticating and signing messages
EP0693836A1 (en) * 1994-06-10 1996-01-24 Sun Microsystems, Inc. Method and apparatus for a key-management scheme for internet protocols.
US7337315B2 (en) 1995-10-02 2008-02-26 Corestreet, Ltd. Efficient certificate revocation
US6766450B2 (en) 1995-10-24 2004-07-20 Corestreet, Ltd. Certificate revocation system
US5717757A (en) 1996-08-29 1998-02-10 Micali; Silvio Certificate issue lists
US8732457B2 (en) 1995-10-02 2014-05-20 Assa Abloy Ab Scalable certificate validation and simplified PKI management
US6097811A (en) 1995-11-02 2000-08-01 Micali; Silvio Tree-based certificate revocation system
US6487658B1 (en) 1995-10-02 2002-11-26 Corestreet Security, Ltd. Efficient certificate revocation
US7353396B2 (en) 1995-10-02 2008-04-01 Corestreet, Ltd. Physical access control
US5666416A (en) 1995-10-24 1997-09-09 Micali; Silvio Certificate revocation system
US6292893B1 (en) 1995-10-24 2001-09-18 Silvio Micali Certificate revocation system
US5717758A (en) 1995-11-02 1998-02-10 Micall; Silvio Witness-based certificate revocation system
US5687235A (en) 1995-10-26 1997-11-11 Novell, Inc. Certificate revocation performance optimization
US6301659B1 (en) 1995-11-02 2001-10-09 Silvio Micali Tree-based certificate revocation system
US5699431A (en) 1995-11-13 1997-12-16 Northern Telecom Limited Method for efficient management of certificate revocation lists and update information
US5903651A (en) 1996-05-14 1999-05-11 Valicert, Inc. Apparatus and method for demonstrating and confirming the status of a digital certificates and other data
US6044462A (en) 1997-04-02 2000-03-28 Arcanvs Method and apparatus for managing key revocation
US6128740A (en) 1997-12-08 2000-10-03 Entrust Technologies Limited Computer security system and method with on demand publishing of certificate revocation lists
US5982892A (en) * 1997-12-22 1999-11-09 Hicks; Christian Bielefeldt System and method for remote authorization for unlocking electronic data
US6226743B1 (en) 1998-01-22 2001-05-01 Yeda Research And Development Co., Ltd. Method for authentication item
US20020124175A1 (en) * 2001-03-02 2002-09-05 Seiko Epson Corporation Data processing system utilizing discrete operating device
US7543139B2 (en) 2001-12-21 2009-06-02 International Business Machines Corporation Revocation of anonymous certificates, credentials, and access rights
AU2003226458A1 (en) 2002-05-09 2003-11-11 Matsushita Electric Industrial Co., Ltd. Public key certificate revocation list generation apparatus, revocation judgement apparatus, and authentication system
US20030236976A1 (en) 2002-06-19 2003-12-25 Microsoft Corporation Efficient membership revocation by number
FI20021738A0 (en) 2002-09-30 2002-09-30 Ssh Comm Security Oyj Procedure for producing certificate revocation lists
KR100402348B1 (en) 2003-07-02 2003-10-22 Bong Taek Kim Automatic train protection stop device for controlling railroad using data communication
KR100519770B1 (en) 2003-07-08 2005-10-07 삼성전자주식회사 Method and apparatus for distributed certificate management for Ad-hoc networks
JP3894181B2 (en) 2003-10-10 2007-03-14 株式会社日立製作所 Method and apparatus for speeding up public key certificate verification
US7266692B2 (en) * 2004-12-17 2007-09-04 Ntt Docomo, Inc. Use of modular roots to perform authentication including, but not limited to, authentication of validity of digital certificates

Also Published As

Publication number Publication date
WO2006066142A2 (en) 2006-06-22
US20100174904A1 (en) 2010-07-08
JP2008524930A (en) 2008-07-10
US20060248334A1 (en) 2006-11-02
EP1825377A2 (en) 2007-08-29
US7747857B2 (en) 2010-06-29
EP1825377A4 (en) 2011-05-04
US7266692B2 (en) 2007-09-04
US20060137006A1 (en) 2006-06-22
US20100153714A1 (en) 2010-06-17
US7743252B2 (en) 2010-06-22
US20060242699A1 (en) 2006-10-26

Similar Documents

Publication Publication Date Title
WO2006066142A3 (en) Use of modular roots to perform authentication including authentication of validity of digital certificates
US9973334B2 (en) Homomorphically-created symmetric key
WO2008087734A1 (en) Cryptogram generating device, cryptogram communication system, and group parameter generating device
CN101099329B (en) New trapdoor one-way function on elliptic curves and their applications to shorter signatures and asymmetric encryption
WO2005025122A8 (en) Secure multicast transmission
WO2017109584A3 (en) Computer-implemented cryptographic method for improving a computer network, and terminal, system and computer-readable medium for the same
WO2007011679A3 (en) Systems and methods of ambiguity envelope encryption scheme and applications
WO2007123869A3 (en) Key management and user authentication for quantum cryptography networks
TW200711436A (en) Secure patch system
EP2544425A3 (en) Secure dissemination of events in a publish/subscribe network
CN101170404B (en) Method for secret key configuration based on specified group
CN105450396A (en) Certificate-free combined secret key generation and application method
TW200731727A (en) Digital security for distributing media content to a local area network
CN108462575A (en) Upload data ciphering method based on no trusted party thresholding Hybrid Encryption
CN101977197A (en) Multi-receiver encryption method based on biological characteristics
CN107172043A (en) A kind of smart power grid user sale of electricity method based on homomorphic cryptography
Nishanth et al. Improved signcryption algorithm for information security in networks
CN114095171A (en) Identity-based wearable proxy re-encryption method
CN101488958B (en) Large cluster safe real-time communication method executed by using elliptical curve
CN106453253A (en) Efficient identity-based concealed signcryption method
CN107947915A (en) Anonymous traitor tracing method based on compressed sensing
CN103384233B (en) A kind of methods, devices and systems for acting on behalf of conversion
Chhatrapati et al. A performance evaluation of pairing-based broadcast encryption systems
WO2010057191A8 (en) Storage security using cryptographic splitting
CN102246456A (en) System and method for countering side-channel attacks against encryption based on cyclic groups

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KR KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2005854498

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2007546971

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

WWP Wipo information: published in national office

Ref document number: 2005854498

Country of ref document: EP