Certicom’s patents in this area cover methods of verifying the authenticity of electronic messages using public keys based on the implementation of elliptic curve cryptography (ECC). Among other things, these processes are ideal for the computational capabilities of smartcards.
US Patent 6,178,507; Data card verification system
The patent covers a method that allows data authentication between devices of limited computational power and those of much greater computational power. The method employs two authentication systems, one in which signing requires less computation than verifying and the other in which verifying requires less computation than signing. The device of limited computational power signs and verifies using the system requiring lesser work, thereby reducing the computational demand. One scenario is that of a smart card and a terminal. The card would sign with ECC and verify with RSA.
A pending application covers the specific situation of a certificate containing the public key of one system and the signature in the certificate having been calculated in the other system. In the typical scenario above, the card would verify the RSA-signed certificates and sign transactions with ECC. This allows leverage of the existing infrastructure while taking advantage of ECC.