Validation protocol and system
First Claim
1. A validation protocol for determining whether an untrusted authentication chip is valid, or not, including the steps of:
- generating a secret random number and calculating a signature for the random number using a signature function, in a trusted authentication chip;
encrypting the random number and the signature by a symmetric encryption function using a first key, in the trusted authentication chip;
passing the encrypted random number and signature from the trusted authentication chip to an untrusted authentication chip;
decrypting the encrypted random number and signature with a symmetric decryption function using the first key, in the untrusted authentication chip;
calculating a signature for the decrypted random number using the signature function, in the untrusted authentication chip;
comparing the signature calculated in the untrusted authentication chip with the signature decrypted;
in the event that the two signatures match, encrypting the decrypted random number by the symmetric encryption function using a second key and returning it to the trusted authentication chip;
encrypting the random number by the symmetric encryption function using the second key, in the trusted authentication chip;
comparing the two random numbers encrypted using the second key, in the trusted authentication chip;
in the event that the two random numbers encrypted using the second key match, considering the untrusted authentication chip to be valid;
otherwise considering the untrusted authentication chip to be invalid.
2 Assignments
0 Petitions
Accused Products
Abstract
This invention is a validation protocol for determining whether an untrusted authentication chip is valid, or not. In another aspect it concerns a validation system for the protocol. The protocol may be used to determine the physical presence of a valid authentication chip. In this case a system may call the trusted chip to generate a random number and a digital signature for it, encrypt them with a first key and then call a prove function in the untrusted chip. The prove function decrypts the random number and signature, and calculates another signature from the decrypted random number, for comparison with the decrypted one. If the comparison is successful the random number is encrypted with another key and sent back. Finally, a test function is called in the trusted chip to generate its own encrypted version of the random number using the second key and then compare it with the received version to validate the untrusted chip. The untrusted chip may be associated with a consumable so that validation of the untrusted chip authenticates the consumable.
115 Citations
20 Claims
-
1. A validation protocol for determining whether an untrusted authentication chip is valid, or not, including the steps of:
-
generating a secret random number and calculating a signature for the random number using a signature function, in a trusted authentication chip;
encrypting the random number and the signature by a symmetric encryption function using a first key, in the trusted authentication chip;
passing the encrypted random number and signature from the trusted authentication chip to an untrusted authentication chip;
decrypting the encrypted random number and signature with a symmetric decryption function using the first key, in the untrusted authentication chip;
calculating a signature for the decrypted random number using the signature function, in the untrusted authentication chip;
comparing the signature calculated in the untrusted authentication chip with the signature decrypted;
in the event that the two signatures match, encrypting the decrypted random number by the symmetric encryption function using a second key and returning it to the trusted authentication chip;
encrypting the random number by the symmetric encryption function using the second key, in the trusted authentication chip;
comparing the two random numbers encrypted using the second key, in the trusted authentication chip;
in the event that the two random numbers encrypted using the second key match, considering the untrusted authentication chip to be valid;
otherwise considering the untrusted authentication chip to be invalid. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification