Device authentication in a PKI
First Claim
1. A method of establishing a key between a first device and a second device, said method comprising the steps of:
- establishing a shared secret in said first device and in said second device;
calculating an antispoof variable based at least in part upon said shared secret in said first device and in said second device, said antispoof variable being represented by a plurality of digits;
indicating said digits of said antispoof variable from said first device to a user using a first stimulus;
indicating said digits of said antispoof variable from said second device to said user, using a second stimulus;
verifying that said digits of said antispoof variable from said first device and said second device are the same; and
establishing said key based upon said result of said verifying step.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for establishing a link key between correspondents in a public key cryptographic scheme, one of the correspondents being an authenticating device and the other being an authenticated device. The method also provides a means for mutual authentication of the devices. The authenticating device may be a personalized device, such as a mobile phone, and the authenticated device may be a headset. The method for establishing the link key includes the step of introducing the first correspondent and the second correspondent within a predetermined distance, establishing a key agreement and implementing challenge-response routine for authentication. Advantageously, man-in-the middle attacks are minimized.
268 Citations
32 Claims
-
1. A method of establishing a key between a first device and a second device, said method comprising the steps of:
-
establishing a shared secret in said first device and in said second device;
calculating an antispoof variable based at least in part upon said shared secret in said first device and in said second device, said antispoof variable being represented by a plurality of digits;
indicating said digits of said antispoof variable from said first device to a user using a first stimulus;
indicating said digits of said antispoof variable from said second device to said user, using a second stimulus;
verifying that said digits of said antispoof variable from said first device and said second device are the same; and
establishing said key based upon said result of said verifying step. - View Dependent Claims (2, 3, 4, 5, 6)
-
- 7. A method for establishing a link key between a pair of correspondents in a public key cryptographic scheme in which one of said correspondents is an authenticating device and another of said correspondents is an authenticated device, said devices being interoperable over a first normal operating range to exchange information, said method comprising the steps of locating said devices at a relative spacing less than said normal operating range, determining said relative spacing between said devices, comparing said spacing with a predetermined maximum distance and initiating a key agreement protocol between said devices if relative spacing is less than predetermined maximum distance.
-
16. A method for establishing a key between a first correspondent and a second correspondent device, the method including the steps of:
-
establishing a shared secret in said first correspondent and said second correspondent;
calculating an antispoof variable in said first correspondent and said second correspondent, based at least in part upon said shared secret;
generating a random challenge in said first correspondent, said challenge having a plurality of bits;
performing the following substeps for each of said bits of said random challenge;
transmitting said bit of said random challenge from said first correspondent to said second correspondent, receiving said bit of said random challenge from said first correspondent in said second correspondent, in said second correspondent, performing an exclusive OR (XOR) of said bit of said random challenge with a bit of said antispoof variable to determine a response bit, after receiving said bit of said random challenge transmitting said response bit from said second correspondent to said second correspondent, receiving at said first correspondent said response bit, and in said first correspondent performing an XOR of said response bit with a corresponding bit of said antispoof variable and determining if said result bit matches said bit of said random challenge that was transmitted from said first correspondent to said second correspondent;
at said first correspondent determining a time difference between a time said response bit is received and a time said corresponding bit of said random challenge was sent;
at said first correspondent verifying that a sufficiently large number of result bits match said corresponding bit of said transmitted random challenge; and
whereby said key is established when said time difference is substantially small to determine that said second correspondent is within a predetermined distance of the first correspondent and a substantially large number of response bits match said corresponding bits of said transmitted random challenge. - View Dependent Claims (17, 18, 19, 20, 21)
-
-
22. A method for securely determining a distance between a first device and a second device, said method including the steps of:
-
determining at said first device if said second device has a particular piece of information, including the further steps of;
determining a challenge at said first device dividing said challenge into a plurality of portions;
performing the following substeps for each portion of said challenge;
transmitting a portion of said challenge from said first device to said second device, receiving said portion of said challenge from said first device in said second device, in said second device generating a response that is an output of a function whose input in said received portion of said challenge and said particular piece of information, transmitting said response from said second device to said first device, and receiving said response in said first device;
performing a verify function in said first device, said verify function verifying that said responses are a function of corresponding portions of said challenge and are function of said particular piece of information; and
determining said distance between said first device and said second device based on a time difference between a time of reception of said response to a portion of a challenge and a time of transmission of the portion of said challenge. - View Dependent Claims (23, 24, 25, 26, 27)
-
-
28. A method for establishing a key between a first device and a second device, said method including the steps of:
-
establishing a shared secret in said first device and in said second device, wherein said messages used to perform said key agreement are sent using a first form of communication;
calculating an antispoof variable based at least in part upon said shared secret in said first device and in said second device, said antispoof variable being represented by a plurality of digits;
transmitting said digits of said antispoof variable from said first device to said second device using a second form of communication;
verifying in said second device that said digits of said antispoof variable received from said first device are said same as said digits of said antispoof variable calculated by said second device;
and establishing said key based upon said result of said verifying step. - View Dependent Claims (29, 30)
-
-
31. A method of establishing a key between a first device and a second device, the method including the steps of:
-
performing a key agreement to establish in said first device and in said second device a shared secret;
calculating an antispoof variable in said first device and in said second device based at least in part upon said shared secret, said antispoof variable having a plurality of digits;
indicating said digits of said antispoof variable from said first device to a user using an audible stimulus;
indicating said digits of said antispoof variable from a user to said second device;
verifying in said second device that said digits of said antispoof indicated by said user are the same as said digits of said antispoof variable calculated by said second device; and
establishing said key based upon said result of said verifying step.
-
-
32. A method for establishing secure communications between a first correspondent and a second correspondent, said method including the steps of:
-
said first correspondent initializing communication with said second correspondent;
said first correspondent and said second correspondent performing said key agreement;
said first correspondent generating a first public signal associated with said first correspondent and said second correspondent generating a second signal associated with second correspondent;
said first correspondent sending said first public signal to said second correspondent and said second correspondent sending said second public signal to said first correspondent;
said first correspondent performing a first mathematical operation on said second public signal to generate a shared secret signal and said second correspondent performing a corresponding first mathematical operation on first public signal to generate a corresponding shared secret signal;
performing a second mathematical operation to said shared signal and corresponding shared signal to generate an authenticating signal;
said first correspondent and said second correspondent performing mutual authentication of one another, said step of mutual authentication further including a step of;
said first correspondent and said second correspondent performing a third mathematical operation on said authenticating signal to obtain a private verification signal;
whereby said first correspondent and said second correspondent further synchronizing one another to exchange of said private verification signal and compare received verification signal with said private verification signal; and
performing said exchange sequentially as determined by a predefined time period;
establishing a link key for use in authentication between said first correspondent and said second correspondent subsequent to said verification;
performing a fourth mathematical operation on said link key to generate an encryption key.
-
Specification