System and method for providing identity hiding in a shared key authentication protocol
First Claim
1. A method of hiding an initiator'"'"'s identity (ID) in a shared key authentication protocol comprising authentication based on a Hint of the ID, the Hint being a function of the ID which cannot be readily inverted to produce the initiator'"'"'s identity.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method is provided for hiding an initiator'"'"'s identity (ID), e.g. a ClientID, in a shared key authentication protocol, using authentication based on a hint of the ID. The hint is a function of the ID which cannot be readily inverted to produce the initiator'"'"'s identity, for example, a hash function over the ID, such as a modular N sum hash of the initiator'"'"'s identity where N corresponds to N hash buckets in a shared key database; a cryptographic hash over the ID and a corresponding shared key; or a function of the ID which cannot be readily inverted to produce the initiator'"'"'s identity and a pair of MAC values wherein the MAC values are compared to find a shared key. The resulting hash may be reduced to a required number of bits for identification of a hash bucket in the database. The system and method thereby provide a computationally efficient method of protecting, or hiding, a client ID in a client-server system for shared-key authentication, which avoids the requirement of known systems to send the client ID in clear text early in the message exchange, which leaves known shared-key protocols open to passive and active identity disclosure attacks.
21 Citations
32 Claims
- 1. A method of hiding an initiator'"'"'s identity (ID) in a shared key authentication protocol comprising authentication based on a Hint of the ID, the Hint being a function of the ID which cannot be readily inverted to produce the initiator'"'"'s identity.
- 10. A method of hiding an initiator'"'"'s identity (ID) in a shared key authentication protocol comprising authentication based on a hint of the ID wherein the hint is a function of the ID which cannot be readily inverted to produce the initiator'"'"'s identity, and a pair of MAC values wherein the MAC values are compared to find a shared key.
-
17. A system for hiding an initiator'"'"'s identity (ID) in a shared key authentication protocol comprising a database to store shared keys and an authenticator to provide authentication of the initiator based on a hint of the ID wherein the hint is a function that of the ID that cannot be easily inverted to produce the initiators identity.
-
19. A system for hiding an initiator'"'"'s identity (ID) in a shared key authentication protocol comprising a processor to generate a hint of the ID and a MAC value.
-
20. A machine-readable medium encoded with a plurality of processor-executable instruction sequences for hiding an initiator'"'"'s identity (ID) in a shared key authentication protocol comprising authentication based on a hint of the ID wherein the hint is a function of the ID which cannot be readily inverted to produce the initiator'"'"'s identity and a pair of MAC values wherein the MAC values are compared to find a shared key.
-
21. A method of hiding an initiator'"'"'s identity (ID) in a shared key authentication protocol for authentication and shared key agreement between an initiator and a receiver comprising steps by the initiator of:
-
generating a Hint of the ID, the Hint being a function of the ID which cannot be readily inverted to produce the initiator'"'"'s identity generating a MAC transmitting the Hint of the ID and MAC to the receiver for authentication and key agreement - View Dependent Claims (22, 23, 24, 25)
-
-
26. A method of hiding an initiator'"'"'s identity (ID) in a shared key authentication protocol for authentication and shared key agreement between an initiator and a receiver comprising the steps by the receiver of:
-
receiving from an initiator a Hint of the ID, the Hint being a function of the ID which cannot be readily inverted to produce the initiator'"'"'s identity, and a MAC value, providing authentication and key agreement based the Hint and MAC values. - View Dependent Claims (27, 28, 29, 30)
-
-
31. A method of identity protection in a shared key encryption algorithm, for authentication and key agreement between a client and a server, said method comprising the steps by the client of:
-
generating a message, a message authentication code and a hash over the client identifier and a corresponding shared key;
transmitting to the server said message, message authentication code and hash over the client identifier and a corresponding shared key to the server, for processing by the server for authentication and shared key agreement.
-
-
32. A method of identity protection in a shared key encryption system for authentication and key agreement between a client and a server, said method comprising steps by the server of:
-
receiving from the client a message, a message authentication code and a hash over the clients identifier and a corresponding shared key;
processing said message authentication code and hash over the clients identifier and corresponding shared key, to find the shared key.
-
Specification