Data transmission links
Abstract
This invention generally relates to secure communications links for data transmission and more particularly relates to data communications links in which asymmetric cryptographic techniques are used to establish a secure link using symmetric cryptography.
A method of establishing a secure communications link between a terminal and a server, the method comprising: assembling a message comprising a secret number and a digital signature for the secret number, the digital signature being generated using a private key for the server; encrypting the message at the server end of the communications link using a public key for the terminal; sending said encrypted message from the server to the terminal; decrypting said encrypted message at the terminal using a private key for the terminal; validating the message by checking the digital signature using a public key for the server; and establishing said secure communications link using said secret number, wherein the public and private keys for the terminal and server are public and private keys of an asymmetric cryptographic technique. Corresponding software is also provided.
The method facilitates fast and, if desired, anonymous download of software to a mobile communications system terminal.
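The exchange described in the abstract, with both ends in one script, as an added example that is not taken from the patent: the server signs a secret number, encrypts secret plus signature under the terminal's public key, and the terminal decrypts, verifies, and derives a symmetric link key. The toy unpadded RSA keys, the SHA-256 digest, the 64-bit secret size, the `link-key` derivation label and all function names are assumptions made for illustration; a real deployment would use a padded asymmetric scheme and full-size keys.

```python
import hashlib
import secrets

# Toy RSA keys built from known Mersenne primes: constructed, trivially
# factorable, and unpadded. They only stand in for a real asymmetric scheme.
E = 65537

def make_key(p, q):
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

SERVER = make_key(2**61 - 1, 2**89 - 1)       # signs the secret number
TERMINAL = make_key(2**107 - 1, 2**127 - 1)   # receives the encrypted message
SIG_BITS = SERVER["n"].bit_length()           # field width reserved for the signature

def digest(secret, n):
    h = hashlib.sha256(secret.to_bytes(8, "big")).digest()
    return int.from_bytes(h, "big") % n

def server_send(secret):
    """Sign the secret number, then encrypt secret||signature for the terminal."""
    sig = pow(digest(secret, SERVER["n"]), SERVER["d"], SERVER["n"])
    message = (secret << SIG_BITS) | sig
    assert message < TERMINAL["n"]            # must fit in one RSA block
    return pow(message, TERMINAL["e"], TERMINAL["n"])

def terminal_receive(ciphertext):
    """Decrypt, check the server's signature, return the secret or None."""
    message = pow(ciphertext, TERMINAL["d"], TERMINAL["n"])
    secret, sig = message >> SIG_BITS, message & ((1 << SIG_BITS) - 1)
    if secret >= 2**64 or sig >= SERVER["n"]:
        return None                           # malformed after decryption
    if pow(sig, SERVER["e"], SERVER["n"]) != digest(secret, SERVER["n"]):
        return None                           # not signed by the server: no link
    return secret

def session_key(secret):
    """Both ends derive the symmetric link key from the shared secret number."""
    return hashlib.sha256(b"link-key" + secret.to_bytes(8, "big")).digest()

def handshake():
    """Run one exchange; returns (server's key, terminal's key or None)."""
    secret = secrets.randbits(64)
    received = terminal_receive(server_send(secret))
    return session_key(secret), None if received is None else session_key(received)
```

The terminal refuses to establish the link whenever the decrypted signature does not verify under the server's public key, which is the validation step the method relies on.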
21 Claims
1. A method of establishing a secure communications link between a terminal and a server, the method comprising:
assembling a message comprising a secret number and a digital signature for the secret number, the digital signature being generated using a private key for the server;
encrypting the message at the server end of the communications link using a public key for the terminal;
sending said encrypted message from the server to the terminal;
decrypting said encrypted message at the terminal using a private key for the terminal;
validating the message by checking the digital signature using a public key for the server; and
establishing said secure communications link using said secret number;
wherein the public and private keys for the terminal and server are public and private keys of an asymmetric cryptographic technique.
Dependent claims: 2, 3, 4, 5, 6, 7, 17, 18, 19, 20, 21

8. A method of establishing a secure communications link between a server and a terminal, the method comprising:
assembling a message comprising a secret number and a digital signature for the secret number, the digital signature being generated using a private key for the terminal;
encrypting the message at the terminal end of the communications link using a public key for the server;
sending said encrypted message from the terminal to the server;
decrypting said encrypted message at the server using a private key for the server;
validating the message by checking the digital signature using a public key for the terminal; and
establishing said secure communications link using said secret number;
wherein the public and private keys for the server and terminal are public and private keys of an asymmetric cryptographic technique.

9. A method of establishing a secure communications link between a terminal and a server, the method comprising:
performing, at the server-end of the communications link, a signing operation on a message comprising a secret number, using a private key for the server, to generate a digital signature, the message being recoverable from the digital signature;
sending a message comprising the digital signature from the server to the terminal;
extracting the secret number from the digital signature at the terminal and establishing said secure communications links using the secret number.
Dependent claims: 10, 11, 12

13. A method of establishing a secure communications link between a server and a terminal, the method comprising:
performing, at the terminal-end of the communications link, a signing operation on a message comprising a secret number using a private key for the terminal to generate a digital signature, the message being recoverable from the digital signature;
sending a message comprising the digital signature from the terminal to the server;
extracting the secret number from the digital signature at the server and establishing said secure communications links using the secret number.
Dependent claims: 14

15. A method of establishing a secure communications link between a mobile terminal and a server, of a mobile communications system, one of the terminal and server being an originator and the other a recipient, the method comprising:
sending a first message from the originator to the recipient, the first message comprising:
an identity certificate for the originator, the certificate including a public key for the originator, a first data block, and a signature of the originator generated by operating on the first data block, the first data block comprising at least an identifier for the originator and a secret number encrypted using a public key of the recipient; and
authenticating the first message at the recipient using the originator identifier.
Dependent claims: 16

Specification