CRYPTOGRAPHIC METHODS AND SYSTEMS FOR MANAGING DIGITAL CERTIFICATES

Organization Name

LG Electronics Inc.

Inventor(s)

Marcos A. Simplicio, Jr. of Sao Paulo (BR)

Eduardo Lopes Cominetti of Sao Paulo (BR)

Harsh Kupwade Patil of Fremont CA (US)

Jefferson E. Ricardini Fernandez of Sao Paulo (BR)

Marcos Vinicius M. Silva of Sao Paulo (BR)

CRYPTOGRAPHIC METHODS AND SYSTEMS FOR MANAGING DIGITAL CERTIFICATES - A simplified explanation of the abstract

This abstract first appeared for US patent application 18420652 titled 'CRYPTOGRAPHIC METHODS AND SYSTEMS FOR MANAGING DIGITAL CERTIFICATES

The abstract describes a method for generating digital certificates for devices by a Certificate Authority (CA) in communication with a Registration Authority (RA) to ensure the certificates cannot be associated with specific devices. Each certificate is linked to a public signature key and a public encryption key used by the CA to encrypt the certificate from the RA. Both keys are derived from a single key, such as deriving the signature key from the public encryption key. This approach maintains high security even without the CA signing the encrypted certificate, resulting in reduced bandwidth and computational costs.

• Digital certificates are generated for devices by a Certificate Authority (CA) in communication with a Registration Authority (RA).
• Certificates are not associated with specific devices to enhance security.
• Each certificate is linked to a public signature key and a public encryption key.
• The CA uses the encryption key to hide the certificate from the RA.
• Both keys are derived from a single key, reducing bandwidth and computational costs.

Potential Applications: - Secure device authentication - Secure communication between devices - Secure access control systems

Problems Solved: - Preventing the association of certificates with specific devices - Enhancing security in digital certificate generation - Reducing bandwidth and computational costs

Benefits: - Improved security in digital certificate generation - Reduced costs associated with certificate management - Enhanced privacy protection for devices

Commercial Applications: Title: Secure Device Authentication Technology for IoT Devices This technology can be used in IoT devices, smart home systems, and industrial automation for secure communication and access control.

Questions about Digital Certificate Generation: 1. How does the use of a single key for deriving both the signature and encryption keys enhance security in digital certificate generation? 2. What are the potential cost-saving benefits of reducing bandwidth and computational costs in the generation of digital certificates?

Original Abstract Submitted

Digital certificates are generated for devices by a Certificate Authority (CA), which communicates with devices via another entity— registration authority (RA)— so that the CA and RA cannot associate certificates with devices. Each certificate is associated with a public signature key, and with a public encryption key used by CA to encrypt the certificate to hide it from the RA. Both keys are derived by CA from a single key. For example, the signature key can be derived from the public encryption key rather than generated independently. However, high security is obtained even when the CA does not sign the encrypted certificate. Reduced bandwidth and computational costs are obtained as a result. Other embodiments are also provided.