Validating diffie hellman public private keys
Suppose, however, that n is a prime instead of the products of two primes then phi(n)=n−1 so anyone can determine d from the bogus “public key” (n,e).These are just examples of the problems a user of a public key can get into if they cannot validate the arithmetic properties of a claimed public key for conformance with the requirements of the algorithm. Secure data communications systems are used to transfer information between a pair of correspondents. The present invention relates to secure communication systems and in particular to schemes for validating parameters and keys in such systems. For example, various schemes and protocols have been devised to validate the senders public key, the identity of the sender and the like. 7,215,773, which is a national entry of PCT Application No. For public key or symmetric key systems, there are certain parameters that must be known beforehand between the correspondents. The recipient may then perform a complimentary mathematical operation to decipher the information.
Each of A and B verify the other's certificate and agree upon a symmetric key. It may be seen from the above scenarios that although public key systems are secure the security of the system relies to a large extent on one or both of the correspondents relying on the fact that a claimed given key is in fact the given key for the particular algorithm being used.
The following scenarios may illustrate the implications of a defect in one or more parameters of a public key cryptographic system.
Problems, however, will arise if these parameters are either bogus or defective in some way.
Furthermore, an asymmetric system is secure only if system parameters if any are valid, the enciphering public key is valid, the symmetric key is formatted as specified and the symmetric key recovery checks for format validity.
The security or validity of these systems is dependent on whether the signature is a valid signature and this is only the case if system parameters if any are valid, the public key is valid and the signature verifies.
In accordance with this invention there is provided a method of validating digital signatures in a public key communication system, said method comprising the steps of: verifying the arithmetic property the public key conforms to the system algorithm; and verifying said digital signature.