Method and system for data integrity protection

US 20040123102A1
Filed: 10/24/2003
Published: 06/24/2004
Est. Priority Date: 05/03/2001
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating data, the method comprising the steps of receiving a message (114, 203) and a corresponding first data item (116, 213) generated according to a first predetermined rule (102, 206);

generating a second data item (115, 210) according to a second predetermined rule (112, 206) on the basis of the received message;

calculating a first distance (117, 215) between the received first data item and the generated second data item;

comparing the calculated first distance with a predetermined distance value (212).

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating a message (111) received via a transmission channel (108) using a Message Authentication Code (MAC). The message comprises a message body (114) and a tag (116) and the method comprises the steps of generating a second tag (115) according to a MAC function (112) on the basis of the received message body and a secret key (113), calculating a distance (117) between the received tag and generated second tag, and comparing (118) the calculated distance with a predetermined threshold value

47 Citations

View as Search Results

24 Claims

1. A method of authenticating data, the method comprising the steps of receiving a message (114, 203) and a corresponding first data item (116, 213) generated according to a first predetermined rule (102, 206);
- generating a second data item (115, 210) according to a second predetermined rule (112, 206) on the basis of the received message;
  
  calculating a first distance (117, 215) between the received first data item and the generated second data item;
  
  comparing the calculated first distance with a predetermined distance value (212).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 22, 23, 24)
- - 2. A method according to claim 1, characterised in that the method further comprises the step of processing the message conditioned on a result of the step of comparing the calculated first distance with a predetermined distance value.
  - 3. A method according to claim 1 or 2, characterised in that the step of processing the message comprises the step of accepting the message if the calculated first distance is smaller than the predetermined distance value.
  - 4. A method according to any one of claims 1 through 3, characterised in that the message and the first data item are received via a wireless communications channel.
  - 5. A method according to any one of claims 1 through 4, characterised in that the step of generating the second data item comprises the step of applying a predetermined permutation to a third data item derived from the message.
  - 6. A method according to any one of claims 1 through 5, characterised in that the step of generating the second data item comprises the step of combining a fourth data item derived from the message with a predetermined fifth data item.
  - 7. A method according to claim 6, characterised in that the step of combining a fourth data item derived from the message with a predetermined fifth data item comprises the step of inserting predetermined binary sequences at predetermined positions of the fourth data item.
  - 8. A method according to any one of claims 1 through 7, characterised in that the step of calculating a first distance comprises the step of calculating a Hamming distance.
  - 9. A method according to any one of claims 1 through 8, characterised in that the method further comprises the steps of a) generating a first sequence of message sections from the message, each message section having a predetermined length;
    - b) modifying at least a first message section of the sequence of message sections;
      
      c) applying at least a first permutation to at least the modified first message section of the sequence of message sections;
      
      d) calculating at least one XOR sum of a result of at least the first permutation;
      
      e) calculating a hash value from the calculated at least one XOR sum.
  - 10. A method according to claim 9, characterised in that the method further comprises the step of repeating the steps of applying at least the first permutation and calculating an XOR sum a predetermined number of times.
  - 11. A method according to claim 9 or 10, characterised in that the method further comprises the step of repeating the steps a) through e) using at least a second permutation.
  - 12. A method according to any one of claims 9 through 11, characterised in that the method further comprises the step of encrypting the calculated hash value.
  - 13. A method according to any one of claims 1 through 12, characterised in that the step of calculating the first distance further comprises the steps of dividing the first and second data items into corresponding first and second sets of data sections;
    - calculating a second distance between a first section of the first set of sections and a corresponding second section of the second set of sections; and
      
      comparing the second distance with a predetermined threshold value.
  - 14. A method according to any one of claims 1 through 13, characterised in that the first data item is further generated on the basis of a first secret key code;
    - and the step of generating the second data item on the basis of the received message further comprises the step of generating the second data item on the basis of a second secret key code.
  - 15. A method according to any one of claims 1 through 14, characterised in that the first and second secret key codes are the same key code;
    - and the first and second predetermined rules are the same rule.
  - 22. A data signal embodied in a carrier wave for use in a method according to any one of the claims 1 through 15, the data signal comprising a message and a first data item.
  - 23. A computer program comprising program code means for performing all the steps of any one of the claims 1 through 15 when said program is run on a microprocessor.
  - 24. A computer program product comprising program code means stored on a computer readable medium for performing the method of any one of the claims 1 through 15 when said computer program product is run on a microprocessor.

16. A method of transmitting a message from a transmitter (101, 501) to a receiver (110, 506) via a transmission channel (108, 505), the method comprising the steps of at the transmitter generating a first data item (105, 209) according to a first predetermined rule (102, 206) on the basis of the message (104, 202);
- transmitting the message and the generated first data item from the transmitter to the receiver;
  
  generating a second data item (115, 210) according to a second predetermined rule (112, 206) on the basis of the received message (114, 203);
  
  calculating a first distance (215) between the received first data item (116, 213) and the generated second data item;
  
  comparing the calculated first distance with a predetermined distance value (212).
- View Dependent Claims (17, 18)
- - 17. A method according to claim 16, characterised in that the generated first data item has a size which is smaller than a size of the message.
  - 18. A method according to claim 16 or 17, characterised in that the step of generating the first data item comprises the step of calculating a hash function on the basis of a sixth data item derived from the message.

19. A communications system comprising first processing means (503) adapted to calculate a first data item according to a first predetermined rule on the basis of a message;
- a transmitter (504) adapted to transmit the message and the generated first data item via a transmission channel (505);
  
  a receiver (509) adapted to receive the transmitted message and the transmitted first data item;
  
  second processing means (508) adapted to generate a second data item according to a second predetermined rule on the basis of the received message;
  
  to calculate a first distance between the received first data item and the generated second data item; and
  
  to compare the calculated first distance with a predetermined distance value.

20. An apparatus comprising a receiver (509) adapted to receive a message and a corresponding first data item generated according to a first predetermined rule;
- first processing means (508) adapted to generate a second data item according to a second predetermined rule on the basis of the received message;
  
  to calculate a first distance between the received first data item and the generated second data item; and
  
  to compare the calculated first distance with a predetermined distance value.
- View Dependent Claims (21)
- - 21. An apparatus according to claim 20, characterised in that the apparatus is a mobile radio terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Blom, Rolf, Gehrmann, Christian

Granted Patent

US 7,298,840 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/161
CPC Class Codes

H04L 2209/80 Wireless network architectu...

H04L 9/3242 involving keyed hash functi...

Method and system for data integrity protection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

47 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for data integrity protection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links