Shafi X Goldwasser

US Patent:

49264796, May 15, 1990

Filed:

Apr 29, 1988

Appl. No.:

7/188284

Inventors:

Shafi Goldwasser - Cambridge MA
Joseph Kilian - Cambridge MA
Avi Wigderson - Jerusalem, IL
Michael Ben-Or - Jerusalem, IL

Assignee:

Massachusetts Institute of Technology - Cambridge MA
Yissum Research Development Company of the Hebrew University of Jerusalem - Jerusalem

International Classification:

H04K 100

US Classification:

380 23

Abstract:

In a multiparty verification system, a prover and a verifier are coupled to rocess respective outputs to provide a system output such as an identification verification. The prover is formed of plural units which share confidential information used to encrypt information carried by the prover. Communication between the prover units is prevented. The first prover unit encrypts the information based on additional information received from the verifier and transfers the encrypted information to the verifier. Subsequently, the verifier obtains from the second prover unit the shared confidential information required to decrypt a subset of the transmitted encrypted information.

US Patent:

57683883, Jun 16, 1998

Filed:

Mar 21, 1996

Appl. No.:

8/622040

Inventors:

Shafi Goldwasser - Cambridge MA
Mihir Bellare - San Diego CA

International Classification:

H04K 100
H04L 900

US Classification:

380 30

Abstract:

Methods for designing encryption algorithms with different levels of security for different parties: "easier" (but requiring some work nonetheless) to break for some parties (e. g. , the government) than for other parties (the adversaries at large). This is achieved by a new form of key escrow in which the government gets some information related to the secret keys of individuals but not the secret keys themselves. The information given to the government enables it to decrypt with a predetermined level of computational difficulty less than that for adversaries at large. The new key escrow methods are verifiable. Verification information can be provided to the government so that it can verify that the information escrowed is sufficient to enable it to decrypt with the predetermined level of computational difficulty. The fact that the government must perform some computation to break the encryption schemes of individual users provides a serious deterrent against massive wiretapping.