Method of authentication and storage of private keys in a public key cryptography system (PKCS)
US6370250B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Oct 29, 1998 |
| Grant date | Apr 9, 2002 |
| Priority date | — |
| Expiry date | Oct 29, 2018 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L2209/56
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
Private keys for a public key cryptography system are protected within private key storage and communication by the requirement of a password to extract the private key based on a password during decryption. Upon receipt of a message encrypted with the public key, both the public key and the protected private key are retrieved from key storage. Interception of this transaction is useless since the protected private key alone cannot be utilized to decrypt the received message. A user is authenticated by extracting a potential private key from the protected private key utilizing a hashed password value, encrypting a well-known message with the public key, decrypting the encrypted well-known message utilizing the potential private key, and comparing the original and decrypted well-known messages. If they match, the extracted private key is employed to decrypt the received message. Signature values based on the password and/or private key may be employed to change the password or add new public key/private key pairs to the key storage.
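The authentication check the abstract describes, as an added Python sketch that is not taken from the patent or its claims. The abstract does not say how the protected private key is formed, so the XOR mask derived with PBKDF2, the salt, the toy textbook-RSA key built from two Mersenne primes, and every function name here are assumptions made for illustration.

```python
import hashlib

# Toy textbook-RSA key pair from two known Mersenne primes (constructed for
# this example; far too small and unpadded for real use).
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))          # the private exponent to protect
WELL_KNOWN = int.from_bytes(b"well-known", "big")  # public test message, < N


def password_mask(password: str, salt: bytes) -> int:
    """Hashed password value, stretched to the byte length of the modulus.

    Assumption: a slow, salted hash (PBKDF2) is used for the hashing step.
    """
    nbytes = (N.bit_length() + 7) // 8
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, nbytes)
    return int.from_bytes(digest, "big")


def protect(private_exp: int, password: str, salt: bytes) -> int:
    """Value kept in key storage: useless without the password (assumed XOR mask)."""
    return private_exp ^ password_mask(password, salt)


def authenticate(protected: int, password: str, salt: bytes):
    """Return the private exponent if the password is right, else None."""
    candidate = protected ^ password_mask(password, salt)   # potential private key
    ciphertext = pow(WELL_KNOWN, E, N)                       # encrypt with public key
    recovered = pow(ciphertext, candidate, N)                # decrypt with candidate
    return candidate if recovered == WELL_KNOWN else None   # compare the two messages


def decrypt(ciphertext: int, private_exp: int) -> int:
    return pow(ciphertext, private_exp, N)


if __name__ == "__main__":
    salt = b"constructed-salt"
    stored = protect(D, "correct horse", salt)
    print("wrong password ->", authenticate(stored, "guess", salt))
    key = authenticate(stored, "correct horse", salt)
    print("message ->", decrypt(pow(424242, E, N), key))
```

Because the check needs only the stored value and the public key, anyone who obtains both can test password guesses offline, which is why the sketch uses a slow salted hash instead of a single fast digest.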
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.