Patents by Inventor Silvio Micali

Silvio Micali has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20050055548
    Abstract: A method of managing certificates in a communication system having a certifying authority and a directory. Preferably, the method begins by having the certifying authority generate certificates by digitally signing a given piece of data. At a later point in time, the certifying authority may produce a string that proves whether a particular certificate is currently valid without also proving the validity of at least some other certificates. The technique obviates use of certification revocation lists communicated between the certifying authority and the directory.
    Type: Application
    Filed: May 13, 2004
    Publication date: March 10, 2005
    Inventor: Silvio Micali
  • Publication number: 20050044376
    Abstract: Issuing and disseminating data about a credential includes having an entity issue authenticated data indicating that the credential has been revoked, causing the authenticated data to be stored in a first card of a first user, utilizing the first card for transferring the authenticated data to a first door, having the first door store information about the authenticated data, and having the first door rely on information about the authenticated data to deny access to the credential. The authenticated data may be authenticated by a digital signature and the first door may verify the digital signature. The digital signature may be a public-key digital signature. The public key for the digital signature may be associated with the credential. The digital signature may be a private-key digital signature. The credential and the first card may both belong to the first user.
    Type: Application
    Filed: July 16, 2004
    Publication date: February 24, 2005
    Inventors: Phil Libin, Silvio Micali, David Engberg, Alex Sinelnikov
  • Publication number: 20050044402
    Abstract: Logging events associated with accessing an area includes recording an event associated with accessing the area to provide an event recording and authenticating at least the event recording to provide an authenticated recording. Recording an event may include recording a time of the event. Recording an event may include recording a type of event. The event may be an attempt to access the area. Recording an event may include recording credentials/proofs used in connection with the attempt to access the area. Recording an event may include recording a result of the attempt. Recording an event may include recording the existence of data other than the credentials/proofs indicating that access should be denied. Recording an event may include recording additional data related to the area. Authenticating the recording may include digitally signing the recording.
    Type: Application
    Filed: July 16, 2004
    Publication date: February 24, 2005
    Inventors: Phil Libin, Silvio Micali, David Engberg
  • Publication number: 20050044386
    Abstract: Determining access includes determining if particular credentials/proofs indicate that access is allowed, determining if there is additional data associated with the credentials/proofs, wherein the additional data is separate from the credentials/proofs, and, if the particular credentials/proofs indicate that access is allowed and if there is additional data associated with the particular credentials/proofs, then deciding whether to deny access according to information provided by the additional data. The credentials/proofs may be in one part or in separate parts. There may be a first administration entity that generates the credentials and other administration entities that generate proofs. The first administration entity may also generate proofs or may not generate proofs. The credentials may correspond to a digital certificate that includes a final value that is a result of applying a one way function to a first one of the proofs.
    Type: Application
    Filed: July 16, 2004
    Publication date: February 24, 2005
    Inventors: Phil Libin, Silvio Micali, David Engberg, Alex Sinelnikov
  • Publication number: 20050033962
    Abstract: An entity controlling access of a plurality of users to at least one disconnected door includes mapping the plurality of users to a group, for each time interval d of a sequence of dates, having an authority produce a digital signature indicating that members of the group can access the door during time interval d, causing at least one of the members of the group to receive the digital signature during time interval d for presentation to the door in order to pass therethrough, having the at least one member of the group present the digital signature to the door D, and having the door open after verifying that (i) the digital signature is a digital signature of the authority indicating that members of the group can access the door at time interval d, and (ii) that the current time is within time interval d.
    Type: Application
    Filed: July 16, 2004
    Publication date: February 10, 2005
    Inventors: Phil Libin, Silvio Micali, David Engberg
  • Publication number: 20050010783
    Abstract: At least one administration entity controls access to an electronic device by the at least one administration entity generating credentials and a plurality of corresponding proofs for the electronic device, wherein no valid proofs are determinable given only the credentials and values for expired proofs, the electronic device receiving the credentials, if access is authorized at a particular time, the electronic device receiving a proof corresponding to the particular time, and the electronic device confirming the proof using the credentials. The at least one administration entity may generate proofs after generating the credentials. A single administration entity may generate the credentials and generate the proofs. There may be a first administration entity that generates the credentials and other administration entities that generate proofs. The first administration entity may also generate proofs or may not.
    Type: Application
    Filed: June 24, 2004
    Publication date: January 13, 2005
    Inventors: Phil Libin, Silvio Micali
  • Publication number: 20040237031
    Abstract: Indicating data currentness includes, on any date of a sequence of dates, issuing a proof indicating the currentness status of the data during a particular time interval. The proof may be a digital signature. The time interval may be in the form of a current date and an amount of time. The proof may include a digital signature of the time interval. The proof may include a digital signature of the time interval and the data. The proof may include a digital signature of the time interval and a compact form of the data, such as a hash. Indicating data currentness may also include distributing the proofs to a plurality of unsecure units that respond to requests by users for the proofs. Indicating data currentness may also include gathering a plurality of separate pieces of data and providing a single proof for the separate pieces of data. The data may be electronic documents.
    Type: Application
    Filed: May 13, 2004
    Publication date: November 25, 2004
    Inventors: Silvio Micali, Phil Libin, Brandon Volbright
  • Publication number: 20040199475
    Abstract: A micropayment system and method is presented for a payor U to establish payment to payee M for a transaction T, which typically has a very low value Tv. The micropayment scheme minimizes the bank's processing costs, while at the same time eliminating the need for users and merchants to interact in order to determine whether a given micropayment should be selected for payment. In one embodiment, the micropayment scheme includes time constraints, which require that an electronic check C for the transaction T be presented to a bank B for payment within a predetermined time/date interval. In another embodiment, the micropayment scheme includes a selective deposit protocol, which guarantees that a user is never charged in excess of what he actually spends, even within a probabilistic framework. In another embodiment, the micropayment scheme includes a deferred selection protocol, which provides the bank with control and flexibility over the payment selection process.
    Type: Application
    Filed: June 1, 2004
    Publication date: October 7, 2004
    Inventors: Ronald L. Rivest, Silvio Micali
  • Patent number: 6766450
    Abstract: A method of managing certificates in a communication system having a certifying authority and a directory. Preferably, the method begins by having the certifying authority generate certificates by digitally signing a given piece of data. At a later point in time, the certifying authority may produce a string that proves whether a particular certificate is currently valid without also proving the validity of at least some other certificates. The technique obviates use of certification revocation lists communicated between the certifying authority and the directory.
    Type: Grant
    Filed: July 25, 2001
    Date of Patent: July 20, 2004
    Assignee: CoreStreet, Ltd.
    Inventor: Silvio Micali
  • Publication number: 20040049675
    Abstract: A system and method are disclosed for controlling physical access through a digital certificate validation process that works with standard certificate formats and that enables a certifying authority (CA) to prove the validity status of each certificate C at any time interval (e.g., every day, hour, or minute) starting with C's issue date, D1. C's time granularity may be specified within the certificate itself, unless it is the same for all certificates. For example, all certificates may have a one-day granularity, with each certificate expiring 365 days after issuance. Given certain initial inputs provided by the CA, a one-way hash function is utilized to compute values of a specified byte size that are included on the digital certificate and to compute other values that are kept secret and used in the validation process.
    Type: Application
    Filed: April 8, 2003
    Publication date: March 11, 2004
    Inventors: Silvio Micali, David Engberg, Phil Libin, Leo Reyzin, Alex Sinelnikov
  • Publication number: 20030221101
    Abstract: We propose new systems for certificate revocation that are more economical and efficient than traditional ones. We also point out what we believe to be a structural problem in traditional public-key infrastructures, and various ways to solve it.
    Type: Application
    Filed: March 21, 2003
    Publication date: November 27, 2003
    Inventor: Silvio Micali
  • Patent number: 6487658
    Abstract: We propose new systems for certificate revocation that are more economical and efficient than traditional ones. We also point out what we believe to be a structural problem in traditional public-key infrastructures, and various ways to solve it.
    Type: Grant
    Filed: December 18, 1997
    Date of Patent: November 26, 2002
    Assignee: Corestreet Security, Ltd.
    Inventor: Silvio Micali
  • Publication number: 20020165824
    Abstract: Managing a digital certificate includes a landlord providing a digital certificate, a secure hardware device generating a series of n hash values, the secure hardware device providing an nth hash value to the landlord, wherein other hash values are not readily available to the landlord, the landlord placing the nth hash value in the certificate, the landlord digitally verifying the certificate containing the nth hash value to obtain a digitally signed certificate, a tenant obtaining the digitally signed certificate, the tenant obtaining the n hash values and the tenant managing the certificate by periodically issuing a previous hash value in the series of n hash values in response to the certificate being valid when the previous hash value is issued.
    Type: Application
    Filed: March 20, 2002
    Publication date: November 7, 2002
    Inventor: Silvio Micali
  • Publication number: 20020107814
    Abstract: A method of managing certificates in a communication system having a certifying authority and a directory. Preferably, the method begins by having the certifying authority generate certificates by digitally signing a given piece of data. At a later point in time, the certifying authority may produce a string that proves whether a particular certificate is currently valid without also proving the validity of at least some other certificates. The technique obviates use of certification revocation lists communicated between the certifying authority and the directory.
    Type: Application
    Filed: July 25, 2001
    Publication date: August 8, 2002
    Inventor: Silvio Micali
  • Publication number: 20020046337
    Abstract: A method and system for overcoming the problems associated with certificate revocation lists (CRL's), for example, in a public key infrastructure. The invention uses a tree-based scheme to replace the CRL.
    Type: Application
    Filed: September 6, 2001
    Publication date: April 18, 2002
    Inventor: Silvio Micali
  • Patent number: 6301659
    Abstract: A method and system for overcoming the problems associated with certificate revocation lists (CRL's), for example, in a public key infrastructure. The invention uses a tree-based scheme to replace the CRL.
    Type: Grant
    Filed: November 26, 1997
    Date of Patent: October 9, 2001
    Inventor: Silvio Micali
  • Patent number: 6292893
    Abstract: A certification revocation system uses a one-way function F to verify the validity of a certificate that includes a first value V. Included are means for receiving a second value V′ and means for iterating F on V′ and for comparing the result thereof to V. The function F is used to verify that a certificate having an issue date D and including a first value V is valid at a date belonging to a sequence of dates after D.
    Type: Grant
    Filed: January 14, 2000
    Date of Patent: September 18, 2001
    Inventor: Silvio Micali
  • Patent number: 6141750
    Abstract: An electronic communication in the presence of a trusted party enables an exchange of unpredictable values in which a second party receives a first value produced by a first party and unpredictable to the second party if and only if the first party receives a second value produced by the second party and unpredictable to the first party. The communication includes exchanging a first set of communications between the first and second parties without participation of the trusted party to attempt completion of the exchange of unpredictable values. If the exchange of unpredictable values is not completed using the first set of communications between the first and second parties, the trusted party takes action to complete the exchange. At least one party is authenticated to belong to a group of parties that exchanges unpredictable values. The group may be a group of subscribers. The at least one party may be authenticated by a digital signature. The digital signature may be produced by the trusted party.
    Type: Grant
    Filed: September 29, 1997
    Date of Patent: October 31, 2000
    Inventor: Silvio Micali
  • Patent number: 6137884
    Abstract: A number of electronic communications methods are described involving a first and a second party (i.e., sender and recipient), with assistance from at least a trusted party, enabling electronic transactions in which the first party has a message for the second party. The first party, the second party and the trusted party undertake an exchange of transmissions, such that if all transmissions reach their destinations the second party only receives the message if the first party receives at least one receipt. Preferably, the identity of the first party is temporarily withheld from the second party during the transaction. At least one receipt received by the first party enables the first party to prove the content of the message received by the second party.
    Type: Grant
    Filed: May 2, 1997
    Date of Patent: October 24, 2000
    Assignee: Bankers Trust Corporation
    Inventor: Silvio Micali
  • Patent number: RE36918
    Abstract: A method, using a public-key cryptosystem, for enabling a predetermined entity to monitor communications of users .[.suspected of unlawful activities while protecting the privacy of law-abiding users.]., wherein each user is assigned a pair of matching secret and public keys. According to the method, each user's secret key is broken into shares. Then, each user provides a plurality of "trustees" pieces of information. The pieces of information provided to each trustee enable that trustee to verify that such information includes a "share" of a secret key of some given public key. Each trustee can verify that the pieces of information provided include a share of the secret key without interaction with any other trustee or by sending messages to the user. Upon a predetermined request or condition, e.g., a court order authorizing the entity to monitor the communications of a user .[.suspected of unlawful activity.]., the trustees reveal to the entity the shares of the secret key of such user.
    Type: Grant
    Filed: September 12, 1995
    Date of Patent: October 17, 2000
    Assignee: CertCo LLC
    Inventor: Silvio Micali