Efficient methods for protecting identity in authenticated transmissions
Abstract
Systems and methods are provided for protecting identity in an authenticated data transmission. For example, a contactless transaction between a portable user device and an access device may be conducted without exposing the portable user device's public key in cleartext. In one embodiment, an access device may send an access device public key to a portable user device. The user device may return a blinded user device public key and encrypted user device data. The access device may determine a shared secret using the blinded user device public key and an access device private key. The access device may then decrypt the encrypted user device data using the shared secret.
29 Claims
1. An access device, comprising:
a processor; and
a non-transitory computer-readable storage medium comprising code executable by the processor for implementing a method comprising:
receiving, from a user device, a message including a blinded user device identifier and encrypted user device data;
using the blinded user device identifier to identify a shared secret stored in association with the blinded user device identifier, the storing of the stored shared secret occurring before the receiving of the message;
decrypting the encrypted user device data using the stored shared secret to obtain user device data;
determining a user device public key from a user device certificate, the user device data including the user device certificate and a first cryptographic nonce;
generating the blinded user device identifier based on the user device public key and the first cryptographic nonce;
verifying that the blinded user device identifier generated based on the user device public key and the first cryptographic nonce is the same as the blinded user device identifier included in the message from the user device; and
authenticating the user device based on the verifying of the blinded user device identifier.
Dependent claims: 2, 3, 4, 5, 6

7. A method for communicating, comprising:
receiving, from a user device, a message including a blinded user device identifier and encrypted user device data;
using the blinded user device identifier to identify a shared secret stored in association with the blinded user device identifier, the storing of the stored shared secret occurring before the receiving of the message;
decrypting the encrypted user device data using the stored shared secret to obtain user device data;
determining a user device public key from a user device certificate, the user device data including the user device certificate and a first cryptographic nonce;
generating the blinded user device identifier based on the user device public key and the first cryptographic nonce;
verifying that the blinded user device identifier generated based on the user device public key and the first cryptographic nonce is the same as the blinded user device identifier included in the message from the user device; and
authenticating the user device based on the verifying of the blinded user device identifier.
Dependent claims: 8, 9, 10, 11, 12

13. A user device, comprising:
a processor; and
a non-transitory computer-readable storage medium comprising code executable by the processor for implementing a method comprising:
receiving, from an access device, a request message including an access device identifier;
identifying a stored shared secret associated with the access device identifier, the stored shared secret generated based on an access device public key, a user device private key, and a first cryptographic nonce;
encrypting user device data using the stored shared secret to obtain encrypted user device data;
sending, to the access device, a response message including a blinded user device identifier and the encrypted user device data, wherein the blinded user device identifier is generated from a user device public key associated with the user device private key and the first cryptographic nonce;
generating a second shared secret and a second cryptographic nonce, wherein generating the second shared secret is based on a key derivation function, the stored shared secret, the access device identifier, and the blinded user device identifier;
generating a second blinded user device identifier based on the second cryptographic nonce and the user device public key; and
storing the second shared secret in association with and the second blinded user device identifier for use in decrypting a next message from the user device.
Dependent claims: 14, 15, 16, 17

18. An access device, comprising:
a processor; and
a non-transitory computer-readable storage medium comprising code executable by the processor for implementing a method comprising:
sending, to a user device, a request message including an access device identifier;
receiving, from the user device, a response message including a blinded user device identifier and encrypted user device data;
using the blinded user device identifier to identify a shared secret stored in association with the blinded user device identifier, the storing of the stored shared secret occurring before the receiving of the message;
decrypting the encrypted user device data using the stored shared secret to obtain user device data;
generating a second shared secret and a second cryptographic nonce, the generating of the second shared secret and the second cryptographic nonce based on a key derivation function and the stored shared secret;
generating a second blinded user device identifier based on the second cryptographic nonce and a user device public key or the blinded user device identifier, wherein the user device data optionally includes the user device public key when the user device public key is used; and
storing the second shared secret in association with the second blinded user device identifier for use in decrypting a next message from the user device.
Dependent claims: 19, 20, 21

22. A method for communicating, comprising:
sending, to a user device, a request message including an access device identifier;
receiving, from the user device, a response message including a blinded user device identifier and encrypted user device data;
using the blinded user device identifier to identify a shared secret stored in association with the blinded user device identifier, the storing of the stored shared secret occurring before the receiving of the message;
decrypting the encrypted user device data using the stored shared secret to obtain user device data;
generating a second shared secret and a second cryptographic nonce, the generating of the second shared secret and the second cryptographic nonce based on a key derivation function and the stored shared secret;
generating a second blinded user device identifier based on the second cryptographic nonce and a user device public key or the blinded user device identifier, wherein the user device data optionally includes the user device public key when the user device public key is used; and
storing the second shared secret in association with the second blinded user device identifier for use in decrypting a next message from the user device.
Dependent claims: 23, 24, 25

26. A user device, comprising:
a processor; and
a non-transitory computer-readable storage medium comprising code executable by the processor for implementing a method comprising:
receiving, from an access device, a request message including an access device identifier;
identifying a stored shared secret associated with the access device identifier, the stored shared secret generated based on an access device public key, a user device private key, and a first cryptographic nonce;
encrypting user device data using the stored shared secret to obtain encrypted user device data, the user device data including a user device certificate and a first cryptographic nonce, the user device certificate including a user device public key; and
sending, to the access device, a response message including a blinded user device identifier and the encrypted user device data, wherein the blinded user device identifier is generated from a user device public key associated with the user device private key and the first cryptographic nonce, the user device data allowing the access device to generate the blinded user device identifier based on the user device public key and the first cryptographic nonce, verify that the blinded user device identifier generated based on the user device public key and the first cryptographic nonce matches the blinded user device identifier included in the response message, and authenticate the user device based on the verifying of the blinded user device identifier.
Dependent claims: 27, 28, 29
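
The stored-secret exchange of claims 1, 13 and 18, sketched as an added example that is not code from the patent: lookup by blinded identifier, decryption, re-derivation and comparison of the identifier, then derivation of the second shared secret and second blinded identifier on both sides. The truncated-hash identifier, the SHAKE-256 key derivation, the XOR-plus-HMAC sealing, the class and function names and all sample values are assumptions, and a bare public key stands in for the user device certificate.

```python
import hashlib, hmac

def kdf(secret, info, length):  # assumed KDF (the claims name none): SHAKE-256
    return hashlib.shake_256(secret + info).digest(length)

def blinded_id(pubkey, nonce):  # assumed construction: truncated SHA-256
    return hashlib.sha256(pubkey + nonce).digest()[:16]

def seal(secret, data):  # stand-in for an AEAD; each secret seals one message
    ct = bytes(a ^ b for a, b in zip(data, kdf(secret, b"enc", len(data))))
    return ct + hmac.digest(kdf(secret, b"mac", 32), ct, "sha256")

def unseal(secret, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.digest(kdf(secret, b"mac", 32), ct, "sha256")):
        raise ValueError("ciphertext rejected")
    return bytes(a ^ b for a, b in zip(ct, kdf(secret, b"enc", len(ct))))

def ratchet(secret, access_id, bid, pubkey):  # second (blinded id, secret, nonce)
    out = kdf(secret, b"next" + access_id + bid, 48)
    return blinded_id(pubkey, out[32:]), out[:32], out[32:]

class UserDevice:
    def __init__(self, pubkey, secret, nonce):
        self.pubkey, self.secret, self.nonce = pubkey, secret, nonce
    def respond(self, access_id):
        msg = blinded_id(self.pubkey, self.nonce), seal(self.secret, self.pubkey + self.nonce)
        _, self.secret, self.nonce = ratchet(self.secret, access_id, msg[0], self.pubkey)
        return msg

class AccessDevice:
    def __init__(self, access_id, sessions):
        self.access_id, self.sessions = access_id, sessions  # blinded id -> stored secret
    def handle(self, bid, blob):
        secret = self.sessions[bid]  # KeyError: unknown or already-used identifier
        data = unseal(secret, blob)
        pubkey, nonce = data[:-16], data[-16:]  # bare key stands in for the certificate
        if not hmac.compare_digest(blinded_id(pubkey, nonce), bid):
            raise ValueError("blinded identifier mismatch")
        next_bid, next_secret, _ = ratchet(secret, self.access_id, bid, pubkey)
        del self.sessions[bid]  # retire the old identifier only after success
        self.sessions[next_bid] = next_secret
        return pubkey

def demo():
    pub, z, n = b"\x02" + bytes(32), b"Z" * 32, b"N" * 16  # constructed sample values
    user, reader = UserDevice(pub, z, n), AccessDevice(b"reader-01", {blinded_id(pub, n): z})
    first, second = user.respond(b"reader-01"), user.respond(b"reader-01")
    return first, second, reader.handle(*first), reader.handle(*second)
```

The two responses returned by `demo()` carry different identifiers and no cleartext public key, and a replayed first response fails the lookup because its identifier was retired after the first successful verification.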
Specification