Abstract: We propose new systems for certificate revocation that are more economical and efficient than traditional ones. We also point out what we believe to be a structural problem in traditional public-key infrastructures, and various ways to solve it.

Abstract: Controlling access includes providing a barrier to access that includes a controller that selectively allows access, at least one administration entity generating credentials/proofs, wherein no valid proofs are determinable given only the credentials and values for expired proofs, the controller receiving the credentials/proofs, the controller determining if access is presently authorized, and, if access is presently authorized, the controller allowing access. The credentials/proofs may be in one part or may be in separate parts. There may be a first administration entity that generates the credentials and other administration entities that generate proofs. The first administration entity may also generate proofs or the first administration entity may not generate proofs. The credentials may correspond to a digital certificate that includes a final value that is a result of applying a one way function to a first one of the proofs.

Abstract: Indicating data currentness includes, on any date of a sequence of dates, issuing a proof indicating the currentness status of the data during a particular time interval. The proof may be a digital signature. The time interval may be in the form of a current date and an amount of time. The proof may include a digital signature of the time interval. The proof may include a digital signature of the time interval and the data. The proof may include a digital signature of the time interval and a compact form of the data, such as a hash. Indicating data currentness may also include distributing the proofs to a plurality of unsecure units that respond to requests by users for the proofs. Indicating data currentness may also include gathering a plurality of separate pieces of data and providing a single proof for the separate pieces of data. The data may be electronic documents.

Abstract: A micropayment system and method is presented for a payor U to establish payment to payee M for a transaction T, which typically has a very low value TV. The micropayment scheme minimizes the bank's processing costs, while at the same time eliminating the need for users and merchants to interact in order to determine whether a given micropayment should be selected for payment. In one embodiment, the micropayment scheme includes time constraints, which require that an electronic check C for the transaction T be presented to a bank B for payment within a predetermined time/date interval. In another embodiment, the micropayment scheme includes a selective deposit protocol, which guarantees that a user is never charged in excess of what he actually spends, even within a probabilistic framework. In another embodiment, the micropayment scheme includes a deferred selection protocol, which provides the bank with control and flexibility over the payment selection process.

Abstract: An entity controlling access of a plurality of users to at least one disconnected door includes mapping the plurality of users to a group, for each time interval d of a sequence of dates, having an authority produce a digital signature indicating that members of the group can access door during time interval d, causing at least one of the members of the group to receive the digital signature during time interval d for presentation to the door in order to pass therethrough, having the at least one member of the group present the digital signature to the door D, and having the door open after verifying that (i) the digital signature is a digital signature of the authority indicating that members of the group can access the door at time interval d, and (ii) that the current time is within time interval d.

Abstract: An administration entity controls access to an electronic device by generating credentials and a plurality of corresponding proofs, wherein no valid proofs are determinable given only the credentials and values for expired proofs. The electronic device receives the credentials and, if access is authorized at a particular time, the electronic device receives a proof corresponding to the particular time and confirms the proof using the credentials. A single administration entity may generate the credentials and generate the proofs and/or there may be a first administration entity that generates the credentials and other administration entities that generate proofs. The credentials may be a digital certificate that includes a final value that is a result of applying a one way function to a first one of the proofs.

Abstract: Indicating data currentness includes, on any date of a sequence of dates, issuing a proof indicating the currentness status of the data during a particular time interval. The proof may be a digital signature. The time interval may be in the form of a current date and an amount of time. The proof may include a digital signature of the time interval. The proof may include a digital signature of the time interval and the data. The proof may include a digital signature of the time interval and a compact form of the data, such as a hash. Indicating data currentness may also include distributing the proofs to a plurality of unsecure units that respond to requests by users for the proofs. Indicating data currentness may also include gathering a plurality of separate pieces of data and providing a single proof for the separate pieces of data. The data may be electronic documents.

Abstract: A method of managing certificates in a communication system having a certifying authority and a directory. Preferably, the method begins by having the certifying authority generate certificates by digitally signing a given piece of data. At a later point time, the certifying authority may produce a string that proves whether a particular certificate is currently valid without also proving the validity of at least some other certificates. The technique obviates use of certification revocation lists communicated between the certifying authority and the directory.

Abstract: Determining access includes determining if particular credentials/proofs indicate that access is allowed, determining if there is additional data associated with the credentials/proofs, wherein the additional data is separate from the credentials/proofs, and, if the particular credentials/proofs indicate that access is allowed and if there is additional data associated with the particular credentials/proofs, then deciding whether to deny access according to information provided by the additional data. The credentials/proofs may be in one part or in separate parts. There may be a first administration entity that generates the credentials and other administration entities that generate proofs. The first administration entity may also generate proofs or may not generate proofs. The credentials may correspond to a digital certificate that includes a final value that is a result of applying a one way function to a first one of the proofs.

Abstract: A method of managing certificates in a communication system having a certifying authority and a directory. Preferably, the method begins by having the certifying authority generate certificates by digitally signing a given piece of data. At a later point time, the certifying authority may produce a string that proves whether a particular certificate is currently valid without also proving the validity of at least some other certificates. The technique obviates use of certification revocation lists communicated between the certifying authority and the directory.

Abstract: A method of producing an offer package includes defining, within the offer package, a description of an offered product. The cost of the offered product and the merchant making the offer are also defined within the offer package, which includes an encrypted version of the offered product.

Abstract: A system and method are disclosed for controlling physical access through a digital certificate validation process that works with standard certificate formats and that enables a certifying authority (CA) to prove the validity status of each certificate C at any time interval (e.g., every day, hour, or minute) starting with C's issue date, D1. C's time granularity may be specified within the certificate itself, unless it is the same for all certificates. For example, all certificates may have a one-day granularity with each certificate expires 365 days after issuance. Given certain initial inputs provided by the CA, a one-way hash function is utilized to compute values of a specified byte size that are included on the digital certificate and to compute other values that are kept secret and used in the validation process.

Abstract: We propose new systems for certificate revocation that are more economical and efficient than traditional ones. We also point out what we believe to be a structural problem in traditional public-key infrastructures, and various ways to solve it.

Abstract: A system and method are disclosed for controlling physical access through a digital certificate validation process that works with standard certificate formats and that enables a certifying authority (CA) to prove the validity status of each certificate C at any time interval (e.g., every day, hour, or minute) starting with C's issue date, D1. C's time granularity may be specified within the certificate itself, unless it is the same for all certificates. For example, all certificates may have a one-day granularity with each certificate expires 365 days after issuance. Given certain initial inputs provided by the CA, a one-way hash function is utilized to compute values of a specified byte size that are included on the digital certificate and to compute other values that are kept secret and used in the validation process.

Abstract: A method and system for overcoming the problems associated with certificate revocation lists (CRL's), for example, in a public key infrastructure. The invention uses a tree-based scheme to replace the CRL.

Abstract: A payment processing system includes one transaction processor that aggregates cost data associated with low-priced sales transactions between a consumer and a merchant. The transaction processor sends data that represents the aggregated cost data to an acquiring banking entity associated with the merchant. The system also includes another transaction processor that stores data that represents each individual low-priced sales transaction. The stored data is accessible by one or more banking entities associated with the merchant.

Abstract: Facilitating a transaction between a first party and a second party includes, prior to initiating the transaction, one of the parties obtaining an artificially pre-computed OCSP response about a specific digital certificate, where the artificially pre-computed OCSP response is generated by an entity other than the first party and the second party, one of the parties initiating the transaction, in connection with the transaction, the first party providing the specific digital certificate to the second party, and the second party verifying the specific digital certificate using the artificially pre-computed OCSP response. The second party may obtain the artificially pre-computed OCSP response prior to the transaction being initiated. The second party may cache the artificially pre-computed OCSP response for future transactions. The first party may obtain the artificially pre-computed OCSP response prior to the transaction being initiated.

Abstract: Providing information about digital certificate validity includes obtaining a plurality of signing key/verification key pairs, where each signing key provides a digital signature and a corresponding one of the verification keys verifies the digital signature and where digitally signing together a plurality of data elements using the signing keys is computationally more efficient than digitally signing each of the data elements individually, ascertaining digital certificate validity status for each certificate in a set of digital certificates, generating a plurality of artificially pre-computed messages about the validity status of at least a subset of the set of digital certificates, and digitally signing together the artificially pre-computed messages using signing keys from the pairs. Ascertaining digital certificate validity status may include obtaining authenticated information about digital certificates.

Abstract: Providing information about digital certificate validity includes ascertaining digital certificate validity status for each of a plurality of digital certificates in a set of digital certificates, generating a plurality of artificially pre-computed messages about the validity status of at least a subset of the set of digital certificate of the plurality of digital certificates, where at least one of the messages indicates validity status of more than one digital certificate and digitally signing the artificially pre-computed messages to provide OCSP format responses that respond to OCSP queries about specific digital certificates in the set of digital certificates, where at least one digital signature is used in connection with an OCSP format response for more than one digital certificate. Generating and digitally signing may occur prior to any OCSP queries that are answered by any of the OCSP format responses.

Abstract: Controlling access includes providing a barrier to access that includes a controller that selectively allows access, at least one administration entity generating credentials/proofs, wherein no valid proofs are determinable given only the credentials and values for expired proofs, the controller receiving the credentials/proofs, the controller determining if access is presently authorized, and, if access is presently authorized, the controller allowing access. The credentials/proofs may be in one part or may be in separate parts. There may be a first administration entity that generates the credentials and other administration entities that generate proofs. The first administration entity may also generate proofs or the first administration entity may not generate proofs. The credentials may correspond to a digital certificate that includes a final value that is a result of applying a one way function to a first one of the proofs.