Abstract: The present invention discloses a method and system for maintaining privacy for transactions performable by a user device having a security module with a privacy certification authority and a verifier. The system comprises an issuer providing an issuer public key PKI; a user device having a security module for generating a first set of attestation-signature values DAA1; a privacy certification authority computer for providing an authority public key PKPCA and issuing second attestation values AV2; and a verification computer for checking the validity of the first set of attestation signature values DAA1 with the issuer public key PKI and the validity of a second set of attestation-signature values DAA2 with the authority public key PKPCA, the second set of attestation-signature values DAA2 being derivable by the user device 20 from the second attestation values AV2, wherein it is verifiable that the two sets of attestation-signature values DAA1, DAA2 relate to the user device.

Abstract: The present invention relates electronic receipts. There is provided a method for generating an electronic receipt in a communication system providing a public key infrastructure, the method comprising the steps of receiving by a second party a request message from a first party, the request message comprising a transaction request and a first public key based on a secret owned by the first party and wherein the secret is associated with at least the secret of a further public key of the first party, electronically signing at least part of the request message with a second public key assigned to the second party to issue the electronic receipt, and providing the electronic receipt to the first party.

Abstract: Methods and systems for anonymity revocation, enabling a trusted entity to identify a user computer within an anonymous system. A system comprises an attester computer providing attestation value cert from a security module public key and an identifying value.

Abstract: A method for generating and verifying a user attestation-signature value and issuing an attestation value for using a user attestation-signature value that corresponds to at least one attribute, each with an attribute value remaining anonymous includes: providing a module public key and a security module attestation value providing a user public key that includes: at least one user determined attribute value and a proof value demonstrating that the user public key is validly derived from the module public key of the security module deriving an attester determined attribute value and an attestation value based on an attester secret key, the user public key, and an anonymous attribute value and verifying whether or not (i) the user attestation-signature value was validly derived from the security module attestation value provided by the security module and the attestation value, (and (ii) the attestation value is associated with a subset of at least one attribute, each attribute in the subset having a revealed

Abstract: A system and method for providing cryptographic keys which are usable in a network of connected computer nodes applying a signature scheme. The method employs: generating a random secret key usable in the network of connected computer nodes; generating an exponent interval I having a plurality of exponent elements, the exponent interval having a specified first random limit, wherein each element of the plurality of exponent elements of the exponent interval has a unique prime factor tat is larger than a given security parameter; and, providing a public key comprising an exponent-interval description including The first random limit, and a public key value derived from the random secret key, such That the random secret key and a selected exponent value from the plurality of exponent elements in the exponent interval I are usable for deriving a signature value on a message to be sent within The network to a second computer node for verification.

Abstract: In accordance with the present invention, there is given methods, systems and apparatus for revoking a derived credential formed from an initial credential and an indication value within a network. An example method comprises the steps of: updating an accumulator value based on a plurality of user credential keys where each user credential key is associated with a user device entitled to the derived credential; providing public information that comprises a public key for verifying the initial credential and the accumulator value; an entity receiving from a user device derived-credential information comprising an initial-credential information and an indication-value information indicating that the user credential key is inherently included in the accumulator value, and request information; and, processing the request information in response to verifying by the entity that the initial-credential information and the indication-value information are valid.

Abstract: The present invention discloses a method for generating and verifying a user attestation-signature value (DAA?) and issuing an attestation value (cert) for the generation of the user attestation-signature value (DAA?).

Abstract: The present invention relates to a method for verifying an anonymous payment by a defined party in a communication system providing a public key infrastructure. The method comprising the steps of (a) receiving a validation message from a merchant party, the validation message comprising a proof signature produced by a customer party and an encrypted payment message, the proof signature being derived from a customer secret key, a customer certificate, at least one customer attribute, and the encrypted payment message; (b) verifying the validity of the proof signature based on an issuing public key, a verification public key, and the encrypted payment message; (c) decrypting at least part of the encrypted payment message based on a verification secret key corresponding to the verification public key, thereby obtaining a customer information related to the at least one customer attribute.

Abstract: Methods and systems for anonymity revocation, enabling a trusted entity to identify a user computer within an anonymous system. A system comprises an attester computer providing attestation value cert from a security module public key and an identifying value.

Abstract: Systems, apparatus and methods for privacy-protecting integrity attestation of a computing platform. An example method for privacy-protecting integrity attestation of a computing platform (P) has a trusted platform module (TPM), and comprises the following steps. First, the computing platform (P) receives configuration values (PCR1 . . . PCRn). Then, by means of the trusted platform module (TPM), a configuration value (PCRp) is determined which depends on the configuration of the computing platform (P). In a further step the configuration value (PCRp) is signed by means of the trusted platform module. Finally, in the event that the configuration value (PCRp) is one of the received configuration values (PCR1 . . . PCRn), the computing platform (P) proves to a verifier (V) that it knows the signature (sign(PCRp)) on one of the received configuration values (PCR1 . . . PCRn).

Abstract: A method, system and computer program product relating to automatically validating a transaction between an issuer having a signing key, an emitter having an emitter key, an acceptor having a unique identity and a limit on transactions and a validator.

Abstract: A method and system for performing transactions between a client and a server. The client sends to the server a transaction request for performing a transaction, and receives from the server a transaction policy. The client displays a first representation of the transaction policy depicting transaction policy options for fulfilling the transaction policy. After the user selects a first transaction policy option, the client displays a second representation of the transaction policy, depicting at least one mechanism pertaining to the first transaction policy option for satisfying the requirements of the first transaction policy option. After the user selects a first mechanism, the client depicts evidence options for each requirement of the first transaction policy option. After the user selects an evidence option for each requirement of the first transaction policy option, the client sends to the server transaction enablement information that includes evidence dictated by the selected evidence options.

Abstract: The present invention discloses a method and system for maintaining privacy for transactions performable by a user device having a security module with a privacy certification authority and a verifier. The system comprises an issuer providing an issuer public key PKI; a user device having a security module for generating a first set of attestation-signature values DAA1; a privacy certification authority computer for providing an authority public key PKPCA and issuing second attestation values AV2; and a verification computer for checking the validity of the first set of attestation signature values DAA1 with the issuer public key PKI and the validity of a second set of attestation-signature values DAA2 with the authority public key PKPCA, the second set of attestation-signature values DAA2 being derivable by the user device 20 from the second attestation values AV2, wherein it is verifiable that the two sets of attestation-signature values DAA1, DAA2 relate to the user device.

Abstract: The present invention discloses a method for generating and verifying a user attestation-signature value (DAA?) and issuing an attestation value (cert) for the generation of the user attestation-signature value (DAA?).

Abstract: A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory.

Abstract: A method for automatically linking an anonymous electronic trade order having an order quantity (q) to an identity of a trader by providing an identity marker (s) of the trader; embedding the identity marker (s) by splitting the anonymous trade order into a number (n) of trade orders each having a corresponding order quantity x (i) to generate a trade order set; and placing the generated trade order set in an electronic order book.

Abstract: A method is provided for reducing a known value modulo a shared secret value among network devices exchanging messages in a network. The reduction results in a share of reduced value for each network device of a reduced value. Each network device has its share of known value and its share of shared secret value. It performs an inversion step for deriving from the share of shared secret value a share of the inverse of the shared secret value by using an approximation process, resulting in a share of inverse value; a multiplication step for deriving from the share of inverse value by use of the share of known value a share of multiplied inverse value; a rounding step for rounding the share of multiplied inverse value; and a calculation step for deriving the share of reduced value from the share of known value, the rounded share of multiplied inverse value, and the share of shared secret value.

Abstract: The presented methods form the basis of a forward-secure signature scheme that is provably secure. Moreover, the presented methods form also the basis of a fine-grained forward-secure signature scheme that is secure and efficient. The scheme allows to react immediately on hacker break-ins such that signatures from the past still remain valid without re-issuing them and future signature values based on an exposed key can be identified accordingly. In general, each prepared signature carries an ascending index such that once an index is used, no lower index can be used to sign. Then, whenever an adversary breaks in, an honest signer can just announce the current index, e.g., by signing some special message with respect to the current index, as part of the revocation message for the current time period. It is then understood that all signatures made in prior time periods as well as all signatures make in the revoked period up to the announced index are valid, i.e., non-reputable.

Abstract: A method, a system and a computer program for changing an encryption key of data encrypted by a first key and stored on an archive server (40), wherein a conversion is applied to the data, generating recrypted data decryptable by means of a second key, the conversion being generated on a second server (30) and associated with the first key and the second key via a functional operation and transferred from the second server (30) to the archive server (40) via a transfer channel (38).

Abstract: The present invention is a system and method for handling personally identifiable information, using a rules model. The invention involves defining a limited number of privacy-related actions regarding personally identifiable information; constructing a rule for each circumstance in which one of said privacy-related actions may be taken or must be taken; allowing for the input of dynamic contextual information to precisely specify the condition for evaluation of a rule; creating a programming object containing at least one of said rules; associating the programming object with personally identifiable information; processing a request; and providing an output. The invention does not merely give a “yes-or-no answer. The invention has the advantage of being able to specify additional actions that must be taken. The invention may use a computer system and network. One aspect of the present invention is a method for handling personally identifiable information.