Zum Hauptinhalt springen
UB Hagen

Implicit RSA certificates

ARRIS Enterprises, LLC
2023
Online Patent
Zugriff:
View record in USPTO Patent Grants (Volltext)

A secure digital communications method is provided in which a Certificate Authority generates an improved RSA key pair having a modulus, a public key exponent, a public key, and a private key. The public key exponent can contain descriptive attributes and a digital signature. The digital signature can be responsive to the descriptive attributes and the modulus. A secure session can be established between a first system and a second system, within a secure digital communication protocol. The second system can verify the digital signature to authenticate the public key.

Titel:
Implicit RSA certificates
Autor/in / Beteiligte Person: ARRIS Enterprises, LLC
Link:
Veröffentlichung: 2023
Medientyp: Patent
Sonstiges:
  • Nachgewiesen in: USPTO Patent Grants
  • Sprachen: English
  • Patent Number: 11683,170
  • Publication Date: June 20, 2023
  • Appl. No: 17/109866
  • Application Filed: December 02, 2020
  • Assignees: ARRIS Enterprises LLC (Suwanee, GA, US)
  • Claim: 1. A method for secure digital communications comprising the steps of: generating by a certificate authority an asymmetric key pair comprising a first public key and a private key; and providing in the first public key descriptive attributes and a digital signature, wherein the digital signature is responsive to at least part of the first public key, wherein the asymmetric key pair is a Rivest, Shamir, and Adelman (RSA) key pair, wherein the asymmetric key pair further comprises a modulus n and a public key exponent e, wherein the public key exponent e includes the descriptive attributes and the digital signature, wherein a first portion of the public key exponent e is allocated to descriptive attributes, wherein a second portion of the public key exponent e is allocated to the digital signature, and wherein the digital signature is responsive to the modulus and the descriptive attributes.
  • Claim: 2. The method of claim 1 further comprising the steps of: passing the modulus and the public key exponent from a first system to a second system; establishing a secure session between the first system and the second system, within a secure digital communication protocol, responsive to the modulus and the public key exponent; and verifying, by the second system, the digital signature, responsive to the modulus and the public key exponent, thereby authenticating the first public key.
  • Claim: 3. The method of claim 2 , wherein the secure digital communication protocol is Secure Shell (SSH).
  • Claim: 4. The method of claim 2 , wherein the descriptive attributes comprise a name corresponding to the Certificate Authority.
  • Claim: 5. The method of claim 2 , wherein the descriptive attributes comprise a validity period corresponding to the first public key.
  • Claim: 6. The method of claim 2 , wherein the descriptive attributes comprise a unique identity corresponding to a customer premises equipment device.
  • Claim: 7. The method of claim 2 further comprising the step of installing the RSA key pair in a customer premises equipment device, wherein installation of the RSA key pair takes place within a customer premises equipment device manufacturing facility.
  • Claim: 8. The method of claim 2 further comprising the steps of: generating large random prime numbers p and q according to an RSA algorithm; applying validity tests to a first candidate public key exponent, thereby determining that the first candidate public key exponent is invalid; and regenerating p and q upon determining that the first candidate public key exponent is invalid, thereby providing a second candidate public key exponent, wherein the modulus is responsive to p and q.
  • Claim: 9. The method of claim 8 , wherein a Certificate Authority public key corresponds to the Certificate Authority, and wherein the Certificate Authority public key is an Elliptic Curve public key.
  • Claim: 10. The method of claim 9 , wherein the Certificate Authority employs an Elliptic Curve Digital Signature Algorithm or an Edwards Digital Signature Algorithm, thereby providing the digital signature.
  • Claim: 11. The method of claim 1 further comprising the steps of: passing the modulus and the public key exponent from a first system to a second system; establishing a secure session between the first system and the second system, within a secure digital communication protocol, responsive to the modulus and the public key exponent; detecting by the second system an invalid public key, responsive to the modulus and the public key exponent; and aborting the secure session, responsive to the detection of an invalid public key.
  • Claim: 12. The method of claim 11 , wherein the secure digital communication protocol is Secure Shell (SSH).
  • Claim: 13. The method of claim 11 , wherein the descriptive attributes comprise a name corresponding to the Certificate Authority.
  • Claim: 14. The method of claim 11 , wherein the descriptive attributes comprise a validity period corresponding to the first public key.
  • Claim: 15. The method of claim 11 , wherein the descriptive attributes comprise a unique identity corresponding to a customer premises equipment device.
  • Claim: 16. The method of claim 11 further comprising installing the RSA key pair in a customer premises equipment device, wherein installation of the RSA key pair takes place within a customer premises equipment device manufacturing facility.
  • Claim: 17. The method of claim 11 further comprising the steps of: generating large random prime numbers p and q according to an RSA algorithm; applying validity tests to a first candidate public key exponent, thereby determining that the first candidate public key exponent is invalid; and regenerating p and q upon determining that the first candidate public key exponent is invalid, thereby providing a second candidate public key exponent, wherein the modulus is responsive to p and q.
  • Claim: 18. The method of claim 17 , wherein a Certificate Authority public key corresponds to the Certificate Authority, which is an Elliptic Curve public key.
  • Claim: 19. The method of claim 18 , wherein the Certificate Authority employs an Elliptic Curve Digital Signature Algorithm or an Edwards Digital Signature Algorithm, thereby providing the digital signature.
  • Claim: 20. The method of claim 1 , wherein the first portion of the public key exponent e comprises most significant bits (MSB) of the public key exponent e as allocated to descriptive attributes, and wherein the second portion of the public key exponent e comprises least significant bits (LSB) of the public key exponent e as allocated to the digital signature.
  • Patent References Cited: 5218637 June 1993 Angebaud ; 5633929 May 1997 Kaliski, Jr. ; 5675649 October 1997 Brennan ; 5884272 March 1999 Walker ; 5987131 November 1999 Clapp ; 6170058 January 2001 Kausik ; 6298153 October 2001 Oishi ; 6751729 June 2004 Giniger et al. ; 6965673 November 2005 Boneh ; 7035410 April 2006 Aiello ; 9755829 September 2017 Battistello ; 20020077078 June 2002 Antti ; 20020154779 October 2002 Asano ; 20020165912 November 2002 Wenocur ; 20050018852 January 2005 Camenisch ; 20050084098 April 2005 Brickell ; 20060083370 April 2006 Hwang ; 20060137006 June 2006 Ramzan ; 20060159259 July 2006 Gentry ; 20060251248 November 2006 Lipson ; 20070180225 August 2007 Schmidt ; 20080013721 January 2008 Hwang ; 20080080707 April 2008 Gueron ; 20080104400 May 2008 Kocher ; 20080148055 June 2008 Ferguson ; 20080229111 September 2008 Paya ; 20090028323 January 2009 Aciicmez ; 20090296938 December 2009 Devanand ; 20100031021 February 2010 Arnold ; 20100208887 August 2010 Joye ; 20110093721 April 2011 Perlman ; 20130046972 February 2013 Campagna ; 20130227277 August 2013 Campagna ; 20130290704 October 2013 Giniger ; 20140075203 March 2014 Barbu ; 20140244998 August 2014 Amenedo ; 20150089216 March 2015 Benoit ; 20160043870 February 2016 Avanzi ; 20160182235 June 2016 Bos ; 20160261403 September 2016 Benoit
  • Other References: IGOE National Security Agency D. Stebilia Queensland University of TechnologyK, “X.509v3 Certificates for Secure Shell Authentication; RFC6187.txt”, X.509V3 Certificates for Secure Shell Authentication RFC6187.TXT, Internet Engineering Task Force, IEFT, Standard Internet Society (ISOC), Mar. 31, 2011, pp. 1-16. imported from a related application ; PCT Search Report & Written Opinion, Re: Application No. PCT/US2017/033541, dated Aug. 16, 2017. imported from a related application ; International Search Report prepared by the European Patent Office for PCT/US2017/033541, dated Aug. 16, 2017, 6 pages. cited by applicant ; Written Opinion prepared by the European Patent Office for PCT/US2017/033541, dated Aug. 16, 2017, 5 pages. cited by applicant ; Office Action prepared by the US Patent and Trademark Office for U.S. Appl. No. 15/599,842, dated May 23, 2019, pp. 18 pages. cited by applicant ; Final Office Action prepared by the US Patent and Trademark Office for U.S. Appl. No. 15/599,842, dated Jan. 31, 2020, 20 pages. cited by applicant
  • Primary Examiner: Chiang, Jason
  • Attorney, Agent or Firm: Chernoff, Vilhauer, McClung & Stenzel, LLP

Klicken Sie ein Format an und speichern Sie dann die Daten oder geben Sie eine Empfänger-Adresse ein und lassen Sie sich per Email zusenden.

oder
oder

Wählen Sie das für Sie passende Zitationsformat und kopieren Sie es dann in die Zwischenablage, lassen es sich per Mail zusenden oder speichern es als PDF-Datei.

oder
oder

Bitte prüfen Sie, ob die Zitation formal korrekt ist, bevor Sie sie in einer Arbeit verwenden. Benutzen Sie gegebenenfalls den "Exportieren"-Dialog, wenn Sie ein Literaturverwaltungsprogramm verwenden und die Zitat-Angaben selbst formatieren wollen.

xs 0 - 576
sm 576 - 768
md 768 - 992
lg 992 - 1200
xl 1200 - 1366
xxl 1366 -