| 摘要 |
A key pair validation method provides for a first party to generate a seed to define a private key, a public key, a session key and a validation field for the purpose of performing a cryptographic activity with a second party. The validation field is determined by encrypting the first party seed. The second party receives the first party public key and the validation field from the first party. The second party calculates a session key and utilizing the calculated session key, decrypts a cipher text to recover the first party's seed and the first party's private and public key. The recovered first party public key is compared to the received first party public key. If the received and recovered public keys match, the private-public key pair received from the first party is validated and the second party proceeds with the cryptographic task. If the received and recovered public keys do not match, the second party simply reports to the first party that the cryptographic task failed. |
| 主权项 |
1. A method of validating a private-public key pair for use by a first party and a second party, the method comprising the steps of:
identifying a key agreement protocol to be used to determine a private-public key pair, wherein said key agreement protocol defines a basepoint, a key derivation function, a key pair-basepoint relationship, a session key protocol, and a validation field encryption algorithm; generating a first party seed by the first party; defining a first party private key, by the first party, utilizing said first party seed in accordance with said key derivation function; utilizing said first party private key, by the first party, to define a first party public key in accordance with said key pair-basepoint relationship; identifying, by the first party, a second party public key; determining, by the first party, a first party session key in accordance with said session key protocol; determining, by the first party, a validation field by encrypting said first party seed in accordance with said validation field encryption algorithm; transmitting, by the first party, said first party public key and said validation field; receiving, by the second party, said first party public key, receiving said validation field by the second party; determining, by the second party, a second party session key in accordance with said session key protocol; utilizing, by the second party, said second party session key to decrypt said validation field to provide a recovered first party seed; utilizing, by the second party, said recovered first party seed and said key derivation function to generate a recovered first party private key; utilizing, by the second party, said recovered first party private key and said basepoint to generate a recovered first party public key; determining, by the second party, whether said recovered first party public key matches said received first party public key to validate the first party private-public key pair; and upon determining that the recovered public key and the received public key match, utilizing, by the second party, said second party session key to perform a cryptographic task. |
