公开(公告)号：US20230254154A1

公开(公告)日：2023-08-10

申请号：US17669302

申请日：2022-02-10

Applicant: Cisco Technology, Inc.

Inventor： Panagiotis Theodorou Kampanakis ,  Dimitrios Sikeridis

IPC: H04L9/32

CPC classification number: H04L9/3247 ,  H04L9/3239

Abstract: Methods and systems enable internal and external verification of computations performed by a code signing server according to hash-based signature techniques using unique state, and further for a code signing server to expose parts of a hash-based signature log without negating the security of the one-time signature key pairs generated by the code signing server. A signing module of a code signing server receives a signing request from a client computing system. The signing module configures the code signing server to generate a one-time signature key pair based on a Merkle tree state. The signing module configures the code signing server to issue a hash-based signature to the client computing system. The code signing server is configured to record the Merkle tree state and the issued HBS in an immutably ordered log at a logging server.

公开(公告)号：US12267437B2

公开(公告)日：2025-04-01

申请号：US17669302

申请日：2022-02-10

Applicant: Cisco Technology, Inc.

Inventor： Panagiotis Theodorou Kampanakis ,  Dimitrios Sikeridis

IPC: H04L9/32 ,  G06F15/16 ,  H04L15/16 ,  H04L29/06 ,  H04L29/08

Abstract: Methods and systems enable internal and external verification of computations performed by a code signing server according to hash-based signature techniques using unique state, and further for a code signing server to expose parts of a hash-based signature log without negating the security of the one-time signature key pairs generated by the code signing server. A signing module of a code signing server receives a signing request from a client computing system. The signing module configures the code signing server to generate a one-time signature key pair based on a Merkle tree state. The signing module configures the code signing server to issue a hash-based signature to the client computing system. The code signing server is configured to record the Merkle tree state and the issued HBS in an immutably ordered log at a logging server.