Cryptographic methods and systems for managing digital certificates with linkage values

US10771265B2 · US · B2

Patent metadata

Publication number: US-10771265-B2
Application number: US-201816136621-A
Country: US
Kind code: B2
Filing date: Sep 20, 2018
Priority date: Sep 21, 2017
Publication date: Sep 8, 2020
Grant date: Sep 8, 2020

Abstract

Official abstract text for this publication.

Improved pseudonym certificate management is provided for connected vehicle authentication and other applications. Temporary revocation of a certificate is enabled. With respect to Security Credential Management Systems (SCMS), linkage authorities can be eliminated without compromising the system security. Other embodiments are also provided.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for managing digital certificates by entities operable to perform computing on digital values and to communicate with each other, each digital certificate comprising a corresponding linkage value linkable to linkage values of one or more other digital certificates to define one or more groups of digital certificates, the method comprising performing the following operations to generate the digital certificates: generating, by a first entity, first pre-linkage values; receiving, by the first entity, encrypted second pre-linkage values from a second entity, wherein the second pre-linkage values have a similar format as the first pre-linkage values, wherein each encrypted second pre-linkage value is not decryptable by the first entity; for each digital certificate: selecting, by the first entity, a first pre-linkage value and an encrypted second pre-linkage value; combining, by the first entity, the selected first pre-linkage value with the selected encrypted second pre-linkage value without decrypting the second pre-linkage value, to obtain an encrypted combined value, the encrypted combined value being decryptable by the second entity but not the first entity; and sending, by the first entity to the second entity, a certificate generation request comprising the encrypted combined value.

2. The method of claim 1, further comprising performing, by the second entity, operations of: receiving the certificate generation requests; for each certificate generation request: decrypting the corresponding encrypted combined value; and creating the corresponding digital certificate with a linkage value obtained from the corresponding encrypted combined value.

3. The method of claim 1, wherein: the second entity performs verification operations on consecutive groups of n certificate generation requests received from the first entity, where n is greater than one, wherein for each group of n certificate generation requests, performing the verification operation comprises: (a) receiving from the first entity a list of the encrypted second pre-linkage values for the group without an indication which of the encrypted second pre-linkage values corresponds to any given certificate generation request; (b) receiving from the first entity an output of a computation performed on the first pre-linkage values for the group, the output not disclosing which of the first pre-linkage values corresponds to any given certificate generation request; (c) matching the combined values for the group with the values received in (a) and (b); (d) if there is no match in (c), then generating an error report.

4. The method of claim 1, wherein for each combined value, the second entity does not know which second pre-linkage value was selected by the first entity for the combined value.

5. The method of claim 1, further comprising: receiving, by the first entity, an identification of a certificate generation request corresponding to a first digital certificate which is a member of a group to be revoked; in response to the certificate generation request, determining, by the first entity: a first group-linking value from which the first pre-linkage values corresponding to the digital certificates in the group are computable; and second group-linking data allowing the second computer entity to determine a second group-linking value from which the second pre-linkage values corresponding to the digital certificates in the group are computable; determining the second group-linking value by the second entity from the second group-linking data; revoking the digital certificates in the group by making available, to potential verifiers of validity of the digital certificates, the first and second group-linking values, and/or the first and second pre-linkage values corresponding to the digital certificates in the group, to allow the potential verifiers to match a linkage value of any digital certificate against the linkage values of the digital certificates in the group.

6. The method of claim 5, wherein the certificate generation request received by the first entity is determined by the second entity based on the linkage value of the first digital certificate.

7. The method of claim 1, further comprising: receiving, by the first entity, an identification of a certificate generation request corresponding to a first digital certificate which is a member of a group to be revoked; in response to the certificate generation request, determining, by the first entity: a first group-linking value from which the first pre-linkage values corresponding to the digital certificates in the group are computable; and second group-linking data allowing the second computer entity to determine a second group-linking value from which the second pre-linkage values corresponding to the digital certificates in the group are computable; determining the second group-linking value by the second entity from the second group-linking data; verifying whether the first and second group-linking values match the linkage value of the first digital certificate; if the verifying is successful, then revoking the digital certificates in the group by making available, to potential verifiers of validity of the digital certificates, the first and second group-linking values, and/or the first and second pre-linkage values corresponding to the digital certificates in the group, to allow the potential verifiers to match a linkage value of any digital certificate against the linkage values of the digital certificates in the group; if the verifying fails, then generating an error report.

8. The method of claim 6 wherein: each digital certificate is associated with a validity time period which is a time period when the certificate is valid; the first entity receives an indication of one or more validity time periods for the group to be revoked, the group being limited to certificates valid in the one or more validity time periods; and the first and second group-linking values correspond to the indication of the one or more time periods.

9. The method of claim 6 wherein: each digital certificate is associated with a type; the first entity receives an indication of one or more types for the group to be revoked, the group being limited to certificates associated with the one or more types; and the first and second group-linking values correspond to the indication of the one or more types.

10. The method of claim 1 wherein: the digital certificates are generated in response to the first entity receiving one or more user requests, each user request being a request to generate a batch of digital certificates for a respective user for a plurality of time periods, each batch including, for each time period, a plurality of digital certificates valid in the time period; wherein each digital certificate is not trackable to the respective user without secret information available to the first entity; wherein the second entity does not receive the secret information in generating the certificates; wherein the method further comprises, for each digital certificate generated by the second entity, the first entity receiving, from the second entity, a message comprising the digital certificate encrypted by the second entity, wherein each encrypted digital certificate is not decryptable by the first entity, and the first entity sending the message to the respective user, the user being able to decrypt the digital certificate upon receipt of the message.

11. A method for managing digital certificates by entities operable to perform computing on digital values and to communicate with each other, the entities comprising at least

Classifications

  • using hash chains, e.g. blockchains or hash trees

  • using certificates or pre-shared keys

  • Vehicles

  • involving time stamps, e.g. generation of time stamps

  • Key management, e.g. using generic bootstrapping architecture [GBA]

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Lg Electronics Inc, Univ Of Sao Paulo
What technology area does this patent fall under?
Primary CPC classification H04L9/3268. Mapped technology areas include Electricity.
When was this patent published?
Publication date Sep 8, 2020 (B2). Legal status and post-grant events are not shown on this page.