Title of invention: IMPLICIT CERTIFICATE SCHEME
Abstract: A method of generating a public key in a secure digital communication system, having at least one trusted entity CA and subscriber entities A. For each entity A, the trusted entity selects a unique identity distinguishing the entity A. The trusted entity then generates a public key reconstruction public data of the entity A by mathematically combining public values obtained from respective private values of the trusted entity and the entity A. The unique identity and public key reconstruction public data of the entity A serve as A's implicit certificate. The trusted entity combines the implicit certificate information with a mathematical function to derive an entity information ƒ and generates a value kA by binding ƒ with private values of the trusted entity. The trusted entity transmits the value kA to the entity to permit A to generate a private key from kA, A's private value and A's implicit certificate. The entity A's public key information may be reconstructed from public information, and A's implicit certificate.
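Application publication number: US2014229730(A1) Application publication date: 2014.08.14
Application number: US201414257781 Filing date: 2014.04.21
Applicant: Certicom Corp. Inventors: Qu Minghua; Vanstone Scott A.
Classification number: H04L9/32 Main classification number: H04L9/32
Agency: Agent: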
Main claim: 1. A computer implemented method of a trusted entity CA facilitating generation of a public key by a correspondent A in an electronic data communication using implicit certificates, said method comprising the steps of: a cryptographic unit of said trusted CA selecting a unique identity IA distinguishing said correspondent A; said cryptographic unit generating public key reconstruction public data γA for said correspondent A by mathematically combining a private value of said trusted entity CA and information made public by said trusted entity CA to obtain a pair (IA, γA) serving as an implicit certificate for said correspondent A; said cryptographic unit generating a private key a for said correspondent A using said implicit certificate and said private value of said trusted entity CA such that said public key is computable by combining said data γA and said private key a, wherein generating said private key a comprises generating a value ƒ being a function of said pair (IA, γA) including a hash of said pair (IA, γA), and evaluating said private key a from an equation comprising ƒ and said private value of said trusted entity CA; and said cryptographic unit providing a signature (IA, a, γA) to said correspondent A over a secure channel of said data communication system.
Address: Mississauga CA