Authentication between device and portable storage
Abstract
For digital rights management (DRM), a method for performing authentication between a device and a portable storage, which is performed by the device, includes transmitting a first key to the portable storage, receiving a third key and a first encrypted random number obtained by encrypting a first random number using the first key from the portable storage and decrypting the first encrypted random number using a second key related with the first key, generating a second encrypted random number by encrypting a second random number using the third key and transmitting the second encrypted random number to the portable storage, and generating a session key using the first random number and the second random number. The technique guarantees secure authentication between the device and the portable storage for DRM.
28 Claims
1. A method for performing authentication between a device and a portable storage, which is performed by the device, comprising:
- transmitting a first key from the device to the portable storage;
- receiving a third key and a first encrypted random number, obtained by encrypting a first random number using the first key, from the portable storage and decrypting the first encrypted random number using a second key related with the first key;
- generating a second encrypted random number by encrypting a second random number using the third key and transmitting the second encrypted random number from the device to the portable storage; and
- generating a session key using the first random number and the second random number.

Dependent claims: 2, 3, 4, 5, 6, 25
7. A method for performing authentication between a device and a portable storage, which is performed by the portable storage, comprising:
- receiving a first key from the device;
- obtaining a first encrypted random number by encrypting a first random number using the first key and transmitting the first encrypted random number and a third key to the device;
- receiving a second encrypted random number, obtained by encrypting a second random number using the third key, from the device and decrypting the second encrypted random number using a fourth key; and
- generating a session key using the first random number and the second random number.

Dependent claims: 8, 9, 10, 11, 12, 26
13. A method of safely transmitting data between a device and a portable storage comprising:
- setting a value of a send sequence counter of the device to an initial value;
- embedding the value of the send sequence counter in an application protocol data unit (APDU) to be transmitted to the portable storage while increasing the value of the send sequence counter sequentially after the value of the send sequence counter is embedded in the APDU; and
- receiving the APDU at the portable storage and determining whether the value of the send sequence counter embedded in the received APDU is correct.

Dependent claims: 14, 27
15. A method of safely transmitting data between a device and a portable storage comprising:
- setting a value of a send sequence counter of the portable storage to an initial value;
- embedding the value of the send sequence counter in an application protocol data unit (APDU) to be transmitted to the device while increasing the value of the send sequence counter sequentially after the value of the send sequence counter is embedded in the APDU; and
- receiving the APDU at the device and determining whether the value of the send sequence counter embedded in the received APDU is correct.

Dependent claims: 16, 28
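The send sequence counter check of claims 13 and 15, as an added example that is not part of the patent text. The 2-byte big-endian counter at the start of the data field, the initial value 0, the short-APDU layout and the sample command bytes are assumptions constructed for illustration.

```python
import struct

SSC_INITIAL = 0      # assumed; the claims only say "an initial value"
SSC_MAX = 0xFFFF     # assumed 2-byte counter field

class Sender:
    def __init__(self):
        self.ssc = SSC_INITIAL

    def build_apdu(self, cla, ins, p1, p2, payload):
        if self.ssc > SSC_MAX:
            raise OverflowError("counter exhausted; start a new session")
        if len(payload) > 253:
            raise ValueError("payload too long for a short APDU")
        data = struct.pack(">H", self.ssc) + payload   # embed the counter...
        self.ssc += 1                                  # ...then increase it
        return bytes([cla, ins, p1, p2, len(data)]) + data

class Receiver:
    def __init__(self):
        self.expected = SSC_INITIAL

    def accept(self, apdu):
        """Return the payload if the embedded counter is the expected one, else None."""
        if len(apdu) < 7 or apdu[4] != len(apdu) - 5:
            return None                                # malformed APDU
        (ssc,) = struct.unpack(">H", apdu[5:7])
        if ssc != self.expected:
            return None                                # replayed, dropped or reordered
        self.expected += 1
        return apdu[7:]

def demo():
    """Feed constructed APDUs to a receiver in a tampered order."""
    tx, rx = Sender(), Receiver()
    first = tx.build_apdu(0x80, 0x10, 0, 0, b"read-rights")
    second = tx.build_apdu(0x80, 0x12, 0, 0, b"update-count")
    third = tx.build_apdu(0x80, 0x14, 0, 0, b"close")
    return [rx.accept(first) is not None,    # counter 0, in order
            rx.accept(first) is not None,    # same APDU replayed
            rx.accept(third) is not None,    # counter 2 while 1 is expected
            rx.accept(second) is not None]   # counter 1, the expected value
```

The counter detects replay and loss only if the APDU is also integrity-protected, because an unprotected counter field can be rewritten in transit; the claims shown here do not state that protection, so the sketch omits it.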
17. A portable storage comprising:
- an interface unit which establishes a connection with a device;
- a public-key encryption module which encrypts a first random number using a first key received from the device connected through the interface unit and obtains a second random number by decrypting an encrypted second random number received from the device through the interface unit using a fourth key; and
- a session key generation module which generates a session key using the first random number and the second random number.

Dependent claims: 18, 19, 20
21. A device comprising:
- an interface unit which establishes a connection with a portable storage;
- a public-key encryption module which obtains a first random number by decrypting an encrypted first random number received from the portable storage connected through the interface unit using a second key and encrypts a second random number using a third key received from the portable storage connected through the interface unit; and
- a session key generation module which generates a session key using the first random number and the second random number.

Dependent claims: 22, 23, 24
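The exchange of claims 1 and 7 (and the modules of claims 17 and 21) with both sides' messages, as an added example that is not part of the patent text. Textbook RSA over fixed small primes stands in for the unspecified public-key algorithm and is not secure; the SHA-256 key derivation, the 64-bit random numbers, the fourth key being the private half of the third key, and all class and function names are assumptions.

```python
import hashlib
import secrets

E = 65537  # assumed public exponent; the claims name no algorithm

def keypair(p, q):
    """Toy textbook-RSA pair (public, private) from fixed primes. Not secure."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def rsa(key, value):
    """Raw modular exponentiation: public key encrypts, private key decrypts."""
    n, exponent = key
    return pow(value, exponent, n)

def session_key(r1, r2):
    """Assumed derivation: SHA-256 over both random numbers."""
    return hashlib.sha256(r1.to_bytes(32, "big") + r2.to_bytes(32, "big")).digest()

class Device:
    def __init__(self):
        # first key (public) and second key (private, related to the first)
        self.first_key, self.second_key = keypair(2**89 - 1, 2**107 - 1)

    def respond(self, third_key, enc_r1):
        self.r1 = rsa(self.second_key, enc_r1)   # decrypt first random number
        self.r2 = secrets.randbits(64)           # second random number
        return rsa(third_key, self.r2)           # encrypt it with the third key

class PortableStorage:
    def __init__(self):
        # third key (public) and fourth key (private)
        self.third_key, self.fourth_key = keypair(2**61 - 1, 2**127 - 1)

    def challenge(self, first_key):
        self.r1 = secrets.randbits(64)           # first random number
        return self.third_key, rsa(first_key, self.r1)

    def finish(self, enc_r2):
        self.r2 = rsa(self.fourth_key, enc_r2)   # decrypt second random number

def run_handshake(device=None, storage=None):
    """Run the exchange once; return (device session key, storage session key)."""
    device, storage = device or Device(), storage or PortableStorage()
    third_key, enc_r1 = storage.challenge(device.first_key)  # device sends first key
    storage.finish(device.respond(third_key, enc_r1))
    return (session_key(device.r1, device.r2),
            session_key(storage.r1, storage.r2))
```

A device whose second key is not the private half of the first key it sent recovers a different first random number, so the two derived session keys differ. The independent claims shown here do not say how either side validates the key it receives; this sketch accepts it as-is.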
Specification