The present invention relates generally to authentication via revocable signatures, and more particularly to authentication of messages sent by signing computers to verifier computers via signatures that can be selectively revoked when desired.
Cryptographic signatures are widely used in computer systems to authenticate messages sent between computers. The sender (herein “signing computer”) typically signs its message using a secret (private) signing key of a public-private cryptographic key pair. The signature is then sent with the message to the recipient (herein “verifier computer”) which can verify authenticity of the signature using the public key of the sender's signing key pair. This public key is authenticated via a digital certificate issued by a trusted certification authority of a PKI (Public Key Infrastructure).
Signature revocation in standard schemes involves either revocation of signing rights (e.g. by revoking access to a signing server or by revoking a credential certifying the signer's right to sign with a signing key), or revocation of a signer's public key certificate whereby the certificate, including the public key, is invalidated for all signatures. All signatures of that signer are thereby revoked.