Diffie-Hellman Proof-of-Possession Algorithms (RFC2875)

IP.com Disclosure Number: IPCOM000003476D
Original Publication Date: 2000-Jul-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 19 page(s) / 42K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

H. Prafullchandra: AUTHOR [+2]

Abstract

This document describes two methods for producing an integrity check value from a Diffie-Hellman key pair. This behavior is needed for such operations as creating the signature of a PKCS #10 certification request. These algorithms are designed to provide a proof-of-possession rather than general purpose signing.

This text was extracted from an ASCII Text document.
This is the abbreviated version, containing approximately 7% of the total text.

Network Working Group                                  H. Prafullchandra
Request for Comments: 2875                             Critical Path Inc
Category: Standards Track                                      J. Schaad
                                                               July 2000

Diffie-Hellman Proof-of-Possession Algorithms

Status of this Memo

This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2000). All Rights Reserved.

1. Introduction

PKCS #10 [RFC2314] defines a syntax for certification requests. It
assumes that the public key being requested for certification
corresponds to an algorithm that is capable of signing/encrypting.
Diffie-Hellman (DH) is a key agreement algorithm and as such cannot
be directly used for signing or encryption.

This document describes two new proof-of-possession algorithms using
the Diffie-Hellman key agreement process to provide a shared secret
as the basis of an integrity check value. In the first algorithm,
the value is constructed for a specific recipient/verifier by using a
public key of that verifier. In the second algorithm, the value is
constructed for arbitrary verifiers.

2. Terminology

The following definitions will be used in this document

DH certificate = a certificate whose SubjectPublicKey is a DH public
value and is signed with any signature algorithm (e.g. RSA or DSA).

3. Static DH Proof-of-Possession Process

The steps for creating a DH POP are:

1. An entity (E) chooses the group parameters for a DH key
   agreement.

   This is done simply by selecting the group parameters from a
   certificate for the recipient of the POP process.

   A certificate with the correct group parameters has to be
   available. Let these common DH parameters be g and p; and let
   this DH key-pair be known as the Recipient key pair (Rpub and
   Rpriv).

   Rpub = g^x mod p (where x=Rpriv, the private DH value and
   ^ denotes exponentiation)

2. The entity generates a DH public/private key-pair using the
   parameters from step 1.

   For an entity E:

   Epriv = DH private value = y
   Epub = DH public value = g^y mod p

3. The POP computation process will then consist of:

a) The value to be signed is obtained. (For a RFC2314 obje...
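
Added example, not part of RFC 2875 or of this database record: a Python sketch of steps 1 to 3 in which E reuses the recipient's g and p, both sides derive the same shared secret, and that secret keys an integrity check over the request. The excerpt is cut off before the details of step 3, so hashing the secret with SHA-1, using HMAC-SHA1 as the check, the toy group (P, G), the public-value range check, and all function names are assumptions of this example.

```python
import hashlib
import hmac
import secrets

# Constructed toy group for illustration only: far too small for real use.
P = 2**127 - 1   # a Mersenne prime, standing in for p from the recipient's certificate
G = 5            # standing in for g from the recipient's certificate


def gen_keypair(p=P, g=G):
    """Step 2: pick a private value and compute pub = g^priv mod p."""
    priv = secrets.randbelow(p - 3) + 2            # 2 <= priv <= p-2
    return priv, pow(g, priv, p)


def check_public(pub, p=P):
    """Reject degenerate public values that would make the shared secret predictable."""
    if not 1 < pub < p - 1:
        raise ValueError("DH public value out of range")
    return pub


def _mac_key(peer_pub, own_priv, p=P):
    # Shared secret = peer_pub^own_priv mod p = g^(xy) mod p on both sides.
    # Hashing it into a MAC key is an assumption of this example.
    zz = pow(check_public(peer_pub, p), own_priv, p)
    return hashlib.sha1(zz.to_bytes((p.bit_length() + 7) // 8, "big")).digest()


def pop_create(text, e_priv, r_pub, p=P):
    """Entity E: integrity check value over `text`, bound to the recipient's key."""
    return hmac.new(_mac_key(r_pub, e_priv, p), text, hashlib.sha1).digest()


def pop_verify(text, tag, e_pub, r_priv, p=P):
    """Recipient: recompute the value from Epub and Rpriv, compare in constant time."""
    expected = hmac.new(_mac_key(e_pub, r_priv, p), text, hashlib.sha1).digest()
    return hmac.compare_digest(expected, tag)


if __name__ == "__main__":
    r_priv, r_pub = gen_keypair()   # Recipient key pair: Rpriv = x, Rpub = g^x mod p
    e_priv, e_pub = gen_keypair()   # Entity key pair:    Epriv = y, Epub = g^y mod p
    request = b"constructed stand-in for the bytes to be signed"
    tag = pop_create(request, e_priv, r_pub)
    print("recipient accepts:", pop_verify(request, tag, e_pub, r_priv))
    print("tampered request: ", pop_verify(request + b"!", tag, e_pub, r_priv))
```

Only the holder of Rpriv can recompute the value, which is why this first algorithm yields a check for one specific verifier rather than a general-purpose signature.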