US-12627509-B2 - Cryptographically authenticated database representing a multiple-key-pair root certificate authority
Abstract
In a general aspect, a cryptography system includes a multiple-key-pair root certificate authority. In some aspects, a plurality of distinct cryptographic pairs of public keys and private keys of a root certificate authority are generated. A plurality of distinct self-signed root certificates of the root certificate authority are generated. The plurality of distinct self-signed root certificates are each based on and correspond to a respective one of the plurality of distinct cryptographic key pairs. A cryptographically authenticated database is generated that includes the plurality of distinct self-signed root certificates and represents the root certificate authority. The cryptographically authenticated database includes validity information for each of the plurality of self-signed root certificates. The cryptographically authenticated database is distributed to entities in a public key infrastructure. The entities can use the validity information to cryptographically verify the validity or invalidity of each of the plurality of distinct self-signed root certificates.
Inventors
- Atsushi Yamada
Assignees
- ISARA Corporation
Dates
- Publication Date
- 20260512
- Application Date
- 20230721
Claims (20)
- 1 . A method comprising: generating a plurality of distinct cryptographic key pairs of a root certificate authority, each of the plurality of distinct cryptographic key pairs comprising a public key and a private key; generating a plurality of distinct self-signed root certificates of the root certificate authority, the plurality of distinct self-signed root certificates based on the plurality of distinct cryptographic key pairs, each of the plurality of distinct self-signed root certificates corresponding to a respective key pair of the plurality of distinct cryptographic key pairs and comprising: an identity of the root certificate authority; the public key of the respective key pair; and a digital signature generated using the private key of the respective key pair; generating a cryptographically authenticated database representing the root certificate authority and comprising: the plurality of distinct self-signed root certificates of the root certificate authority; and validity information representing validity or invalidity of each of the plurality of self-signed root certificates; and distributing the cryptographically authenticated database to entities in a public key infrastructure, wherein the entities can use the validity information to cryptographically verify the validity or invalidity of each of the plurality of distinct self-signed root certificates.
- 2 . The method of claim 1 , wherein: the digital signatures in the plurality of distinct self-signed root certificates are a first plurality of digital signatures of the root certificate authority; and the validity information comprises a second plurality of digital signatures of the root certificate authority, each of the second plurality of digital signatures generated by a respective private key of the plurality of distinct cryptographic key pairs.
- 3 . The method of claim 2 , wherein generating the cryptographically authenticated database comprises generating an initial block of a cryptographically authenticated chain of data blocks.
- 4 . The method of claim 3 , wherein generating the initial block comprises: generating a data block comprising the plurality of distinct self-signed root certificates; generating the second plurality of digital signatures based on the data block; and appending the second plurality of digital signatures to the data block to form the initial block.
- 5 . The method of claim 2 , wherein generating the cryptographically authenticated database comprises generating an initial block and a first action block of a cryptographically authenticated chain of data blocks.
- 6 . The method of claim 5 , wherein: generating the initial block comprises: generating a first data block comprising a first subset of distinct self-signed root certificates; generating a first subset of the second plurality of digital signatures based on the first data block; and appending the first subset of the second plurality of digital signatures to the first data block to form the initial block, and generating the first action block comprises: generating a second data block comprising a second subset of distinct self-signed root certificates; generating a hash of the initial block; generating a second subset of the second plurality of digital signatures based on a concatenation of the second data block and the hash; and appending the hash and the second subset of the second plurality of digital signatures to the second data block to form the first action block.
- 7 . The method of claim 6 , wherein generating a second action block comprises: generating a third data block comprising a third subset of distinct self-signed root certificates; generating a hash of a preceding action block; generating a third subset of the second plurality of digital signatures based on a concatenation of the third data block and the hash of the immediately preceding action block; and appending the hash of the preceding action block and the third subset of the second plurality of digital signatures to the third data block to form the second action block.
- 8 . The method of claim 5 , wherein the initial block comprises the plurality of distinct self-signed root certificates, and the action block indicates that at least one of the plurality of distinct self-signed root certificates is invalid.
- 9 . A computer system comprising: one or more processors; and memory storing instructions that are operable when executed by the one or more processors to perform operations comprising: generating a plurality of distinct cryptographic key pairs of a root certificate authority, each of the plurality of distinct cryptographic key pairs comprising a public key and a private key; generating a plurality of distinct self-signed root certificates of the root certificate authority, the plurality of distinct self-signed root certificates based on the plurality of distinct cryptographic key pairs, each of the plurality of distinct self-signed root certificates corresponding to a respective key pair of the plurality of distinct cryptographic key pairs and comprising: an identity of the root certificate authority; the public key of the respective key pair; and a digital signature generated using the private key of the respective key pair; generating a cryptographically authenticated database representing the root certificate authority and comprising: the plurality of distinct self-signed root certificates of the root certificate authority; and validity information representing validity or invalidity of each of the plurality of self-signed root certificates; and distributing the cryptographically authenticated database to entities in a public key infrastructure, wherein the entities can use the validity information to cryptographically verify the validity or invalidity of each of the plurality of distinct self-signed root certificates.
- 10 . The system of claim 9 , wherein: the digital signatures in the plurality of distinct self-signed root certificates are a first plurality of digital signatures of the root certificate authority; and the validity information comprises a second plurality of digital signatures of the root certificate authority, each of the second plurality of digital signatures generated by a respective private key of the plurality of distinct cryptographic key pairs.
- 11 . The system of claim 10 , wherein generating the cryptographically authenticated database comprises generating an initial block of a cryptographically authenticated chain of data blocks.
- 12 . The system of claim 11 , wherein generating the initial block comprises: generating a data block comprising the plurality of distinct self-signed root certificates; generating the second plurality of digital signatures based on the data block; and appending the second plurality of digital signatures to the data block to form the initial block.
- 13 . The system of claim 10 , wherein generating the cryptographically authenticated database comprises generating an initial block and a first action block of a cryptographically authenticated chain of data blocks.
- 14 . The system of claim 13 , wherein: generating the initial block comprises: generating a first data block comprising a first subset of distinct self-signed root certificates; generating a first subset of the second plurality of digital signatures based on the first data block; and appending the first subset of the second plurality of digital signatures to the first data block to form the initial block, and generating the first action block comprises: generating a second data block comprising a second subset of distinct self-signed root certificates; generating a hash of the initial block; generating a second subset of the second plurality of digital signatures based on a concatenation of the second data block and the hash; and appending the hash and the second subset of the second plurality of digital signatures to the second data block to form the first action block.
- 15 . The system of claim 14 , wherein generating a second action block comprises: generating a third data block comprising a third subset of distinct self-signed root certificates; generating a hash of a preceding action block; generating a third subset of the second plurality of digital signatures based on a concatenation of the third data block and the hash of the preceding action block; and appending the hash of the preceding action block and the third subset of the second plurality of digital signatures to the third data block to form the second action block.
- 16 . The system of claim 13 , wherein the initial block comprises the plurality of distinct self-signed root certificates, and the action block indicates that at least one of the plurality of distinct self-signed root certificates is invalid.
- 17 . A non-transitory computer-readable medium comprising instructions that, when executed by data processing apparatus, perform operations comprising: generating a plurality of distinct cryptographic key pairs of a root certificate authority, each of the plurality of distinct cryptographic key pairs comprising a public key and a private key; generating a plurality of distinct self-signed root certificates of the root certificate authority, the plurality of distinct self-signed root certificates based on the plurality of distinct cryptographic key pairs, each of the plurality of distinct self-signed root certificates corresponding to a respective key pair of the plurality of distinct cryptographic key pairs and comprising: an identity of the root certificate authority; the public key of the respective key pair; and a digital signature generated using the private key of the respective key pair; generating a cryptographically authenticated database representing the root certificate authority and comprising: the plurality of distinct self-signed root certificates of the root certificate authority; and validity information representing validity or invalidity of each of the plurality of self-signed root certificates; and distributing the cryptographically authenticated database to entities in a public key infrastructure, wherein the entities can use the validity information to cryptographically verify the validity or invalidity of each of the plurality of distinct self-signed root certificates.
- 18 . The computer-readable medium of claim 17 , wherein: the digital signatures in the plurality of distinct self-signed root certificates are a first plurality of digital signatures of the root certificate authority; and the validity information comprises a second plurality of digital signatures of the root certificate authority, each of the second plurality of digital signatures generated by a respective private key of the plurality of distinct cryptographic key pairs.
- 19 . The computer-readable medium of claim 18 , wherein generating the cryptographically authenticated database comprises generating an initial block of a cryptographically authenticated chain of data blocks.
- 20 . The computer-readable medium of claim 19 , wherein generating the initial block comprises: generating a data block comprising the plurality of distinct self-signed root certificates; generating the second plurality of digital signatures based on the data block; and appending the second plurality of digital signatures to the data block to form the initial block.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
This patent application claims priority to, and incorporates by reference the entire disclosure of, U.S. Provisional Patent Application No. 63/391,465 filed on Jul. 22, 2022 and titled “Multiple Key Pair Root Certificate Authority”.
BACKGROUND
The following description relates to a multiple-key-pair root certificate authority for cryptography systems. Cryptography systems are used to communicate securely over public channels. For example, some cryptography systems provide confidentiality by encrypting messages, and some cryptography systems provide authenticity through digital signatures. Some cryptography systems operate using public keys, private keys and shared secrets.
DESCRIPTION OF DRAWINGS
FIG. 1A is a diagram of an example communication system.
FIG. 1B is a diagram showing aspects of the example cryptographically authenticated chain of data blocks 120 in FIG. 1A.
FIG. 1C is a block diagram of an example computer system of a root certificate authority.
FIG. 2A is a diagram of an example initial block of a cryptographically authenticated chain of data blocks associated with a root certificate authority.
FIG. 2B is a diagram of a cryptographically authenticated chain of data blocks illustrating the example initial block of FIG. 2A and example action blocks.
FIG. 2C is a diagram of a certificate chain stemming from a root certificate of the example initial block of FIG. 2A.
FIG. 3 is a diagram illustrating an example process for generating a cryptographically authenticated chain of data blocks.
FIG. 4 is a diagram illustrating an example process for validating a root certificate.
FIG. 5 is a block diagram of an example computer system.
FIG. 6 is a diagram illustrating an example process for generating a cryptographically authenticated database of root certificates.
DETAILED DESCRIPTION
In some aspects of what is described here, a cryptography system includes a root certificate authority (root CA) having multiple key pairs. In some instances, implementations of the systems and techniques described here provide technical advantages or improvements over existing technologies. As an example, damage from a compromise of a root certificate authority's private key (e.g., a security compromise arising out of an attack, technical malfunction or other event) can be contained by using a root certificate authority having multiple key pairs. For instance, a root certificate authority with multiple key pairs may provide a protocol or another formal mechanism to revoke the public key corresponding to the compromised private key, or in some cases, to remove the problematic root certificate entirely. As another example, the validity of a root certificate can be modified (e.g., revoked or reinstated), and the validity of a root certificate can be audited and cryptographically verified by other entities in the cryptography system. For instance, a cryptographically authenticated database can provide public proof that a root certificate is valid or invalid. End entities can enquire as to the status of a root certificate, and the root CA can provide cryptographically verifiable status information. Accordingly, aspects of the systems and techniques described here can be used to improve the operation of communications systems (e.g., data networks, etc.), computer systems (e.g., network-connected computers, etc.), smart devices (e.g., so-called “Internet-of-Things” (IoT) devices, etc.) and other classes of technology. For example, a wide variety of modern technologies rely on computer-implemented cryptosystems for secure operation, and the techniques described here can improve such computer-implemented cryptography systems, for example, making them more secure, more efficient or providing other advantages in some instances.
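As an added worked example (not code from the patent or from ISARA), the following Go program builds the chain that claims 1, 2, 4, 6, 7 and 8 describe and performs the relying-party check that the description above promises: a root CA with three distinct Ed25519 key pairs, one self-signed X.509 root certificate per pair sharing the same CA identity, an initial block holding all three certificates endorsed by all three keys, and action blocks that commit to the hash of the preceding block and mark one certificate invalid. Everything beyond the claims is an assumption made here: Ed25519 and X.509 via the Go standard library, SHA-256 as the link hash, the plain-text action payload `REVOKE <index>`, and the endorsement policy that a revocation must be signed by every key still valid other than the one being revoked (the patent does not fix which keys must sign an action block).

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Block is one entry of the chain (claims 4, 6, 7); PrevHash is nil for the initial block.
type Block struct {
	Data, PrevHash []byte
	Sigs           [][]byte // Sigs[i] is by root key pair i; nil where that key did not endorse
}

// signedBytes is the message each key signs: Data alone initially, Data||PrevHash after (claim 6).
func (b *Block) signedBytes() []byte { return append(append([]byte{}, b.Data...), b.PrevHash...) }

func (b *Block) hash() []byte { // SHA-256 link value that the next action block commits to
	sum := sha256.Sum256(append(b.signedBytes(), bytes.Join(b.Sigs, nil)...))
	return sum[:]
}

// newRootCA makes n distinct Ed25519 key pairs and one self-signed X.509 root cert per pair (claim 1).
func newRootCA(n int, name string) ([]ed25519.PrivateKey, [][]byte, error) {
	keys, certsDER := make([]ed25519.PrivateKey, 0, n), make([][]byte, 0, n)
	for i := 0; i < n; i++ {
		pub, priv, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			return nil, nil, err
		}
		tmpl := &x509.Certificate{SerialNumber: big.NewInt(int64(i + 1)), Subject: pkix.Name{CommonName: name},
			NotBefore: time.Now(), NotAfter: time.Now().AddDate(10, 0, 0), IsCA: true, BasicConstraintsValid: true}
		der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv) // parent == template: self-signed
		if err != nil {
			return nil, nil, err
		}
		keys, certsDER = append(keys, priv), append(certsDER, der)
	}
	return keys, certsDER, nil
}

// newBlock builds a block endorsed by the listed key indices; prevHash is nil for the initial block.
func newBlock(data, prevHash []byte, keys []ed25519.PrivateKey, signers []int) *Block {
	b := &Block{Data: data, PrevHash: prevHash, Sigs: make([][]byte, len(keys))}
	for _, i := range signers {
		b.Sigs[i] = ed25519.Sign(keys[i], b.signedBytes())
	}
	return b
}

// verifyChain replays the chain as a relying party would; any bad self-signature, hash link or block
// signature rejects the whole chain. Endorsement policy (an assumption, not fixed by the patent):
// a revocation must be signed by every still-valid key other than the one being revoked.
func verifyChain(initial *Block, actions ...*Block) ([]*x509.Certificate, []bool, error) {
	certs, err := x509.ParseCertificates(initial.Data)
	if err != nil || initial.PrevHash != nil {
		return nil, nil, fmt.Errorf("malformed initial block: %v", err)
	}
	valid := make([]bool, len(certs))
	for i, c := range certs { // self-signatures: the first plurality of signatures in claim 2
		if valid[i] = c.CheckSignatureFrom(c) == nil; !valid[i] {
			return nil, nil, fmt.Errorf("root cert %d: bad self-signature", i)
		}
	}
	endorsed := func(b *Block, required func(int) bool) error { // the second plurality in claim 2
		for i, c := range certs {
			pub, ok := c.PublicKey.(ed25519.PublicKey)
			if required(i) && (!ok || i >= len(b.Sigs) || !ed25519.Verify(pub, b.signedBytes(), b.Sigs[i])) {
				return fmt.Errorf("missing or bad endorsement by key %d", i)
			}
		}
		return nil
	}
	if err := endorsed(initial, func(int) bool { return true }); err != nil {
		return nil, nil, err
	}
	prev := initial
	for n, b := range actions {
		idx := -1
		if !bytes.Equal(b.PrevHash, prev.hash()) {
			return nil, nil, fmt.Errorf("action block %d: hash link broken", n)
		}
		if _, err := fmt.Sscanf(string(b.Data), "REVOKE %d", &idx); err != nil || idx < 0 || idx >= len(certs) {
			return nil, nil, fmt.Errorf("action block %d: unknown action", n)
		}
		if err := endorsed(b, func(i int) bool { return valid[i] && i != idx }); err != nil {
			return nil, nil, fmt.Errorf("action block %d: %w", n, err)
		}
		valid[idx], prev = false, b // the action block of claim 8: certificate idx is now invalid
	}
	return certs, valid, nil
}
```

After `initial := newBlock(bytes.Join(der, nil), nil, keys, []int{0, 1, 2})`, a compromise of key 1 is handled by `newBlock([]byte("REVOKE 1"), initial.hash(), keys, []int{0, 2})`, and `verifyChain(initial, revoke)` then reports validity `[true false true]`. A revocation endorsed only by the compromised key, a tampered payload, or a block whose `PrevHash` does not match its predecessor is rejected as a whole rather than partially applied. The byte concatenation in `signedBytes` and `hash` is simplified for readability; a deployable encoding would length-prefix or otherwise delimit each field so that no two distinct blocks serialize to the same bytes.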
Public key cryptography is extensively deployed in a variety of technologies to achieve secure authentication, secret key sharing, etc. Using a public key, one can validate a digital signature to verify the identity of the communicating party, or establish a shared secret to securely encrypt a message. Security provided by public key cryptography typically relies on the received public key being securely bound to a legitimate identity in a trusted manner. Without such secure binding, an entity could unknowingly trust the identity of a malicious party that is impersonating the intended party, or send a message to a wrong recipient who is actually an adversary. Public Key Infrastructure (PKI) systems have been used to establish trust that a public key is bound to a legitimate identity. PKI is currently the most widely deployed mechanism to establish trust in a cryptography system. Conventionally, PKI systems build a hierarchical tree of trust stemming from a trusted entity referred to as a root certificate authority (root CA), presenting itself as a root of trust. In a typical PKI system, a certificate authority (CA) confirms that a public key belongs to an iden