MUTUAL AUTHENTICATION METHOD BETWEEN DEVICES USING MEDIATION MODULE AND SYSTEM THEREFOR

US 20080229104A1
Filed: 10/02/2007
Published: 09/18/2008
Est. Priority Date: 03/16/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method of mediating a mutual authentication process between a device and a host device, the method comprising:

storing a first partial private key obtained by dividing a first private key of the device;

storing a second partial private key obtained by dividing a second private key of the host device;

receiving unique identifiers (IDs) and random numbers for the device and the host device from the device and determining whether the unique IDs are valid; and

generating a first signature value by using the first partial private key and a second signature value by using the second partial private key if the unique IDs are valid, and transmitting the generated first and second signature values to the device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mutual authentication method using a mediation module and a system therefor are provided. The method includes: storing a first partial private key obtained by dividing a first private key of a device; storing a second partial private key obtained by dividing a second private key of a host device; receiving unique identifiers (IDs) and random numbers for the device and the host device from the device and determining whether the unique IDs are valid; and generating a first signature value by using the first partial private key and a second signature value by using the second partial private key if the unique IDs are valid, and transmitting the generated first and second signature values to the device

Citations

28 Claims

1. A method of mediating a mutual authentication process between a device and a host device, the method comprising:
- storing a first partial private key obtained by dividing a first private key of the device;
  
  storing a second partial private key obtained by dividing a second private key of the host device;
  
  receiving unique identifiers (IDs) and random numbers for the device and the host device from the device and determining whether the unique IDs are valid; and
  
  generating a first signature value by using the first partial private key and a second signature value by using the second partial private key if the unique IDs are valid, and transmitting the generated first and second signature values to the device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the device stores a third partial private key obtained by dividing the first private key, and the host device stores a fourth partial private key obtained by dividing the second private key.
  - 3. The method of claim 2, wherein before receiving the unique IDs from the device, the device transmits to the host device a certificate on the device and a third signature value generated by using the third partial private key, and the host device transmits to the device a certificate on the host device and a fourth signature value generated by using the fourth partial private key.
  - 4. The method of claim 3, wherein the device generates and verifies a total signature value for the host device by combining the second signature value with the fourth signature value after receiving the first and second signature values, and generates a first authentication key for the device.
  - 5. The method of claim 4, wherein the host device generates and verifies a total signature value for the device by combining the first signature value with the third signature value after receiving the first signature value, and generates a second authentication key for the host device.
  - 6. The method of claim 5, wherein if the first authentication key is the same as the second authentication key, the host device generates a content key for encrypting or decrypting content.
  - 7. The method of claim 3, wherein in the determining whether in the unique IDs are valid, it is determined whether the unique IDs are valid by using a certificate revocation list updated by a certification authority.

8. A mutual authentication method with a host device by using a mediation module connected to the host device, the mutual authentication method comprising:
- dividing the first private key into first and second partial private keys and transmitting the first partial private key to the mediation module;
  
  generating a first signature value from the second partial private key, and transmitting the first signature value to the host device;
  
  transmitting unique identifiers (IDs) and random numbers to the mediation module; and
  
  generating and verifying a total signature value for the host device by using a second signature value received from the mediation module, and generating a first authentication key, if the unique IDs are valid.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The mutual authentication method of claim 8, further comprising receiving a third signature value from the host device, wherein a second private key of the host device is divided into third and fourth partial private keys, the third partial private key is stored in the mediation module, the fourth partial private key is stored in the host device, and the third signature value is generated by using the fourth partial private key.
  - 10. The mutual authentication method of claim 9, further comprising, if the unique IDs are valid, receiving a fourth signature value generated by using the third partial private key and the second signature value generated by using the first partial private key, and generating and verifying a total signature value for the host device by combining the fourth signature value with the third signature value.
  - 11. The mutual authentication method of claim 10, further comprising transmitting the second signature value to the host device, wherein a content key for encrypting or decrypting a content is generated, if a second authentication key generated by the host device is the same as the first authentication key.
  - 12. The mutual authentication method of claim 11, wherein in the host device, the second authentication key is generated by combining the second signature value with the first signature value.

13. A mediation module comprising:
- a key storage unit which stores a first partial private key obtained by dividing a first private key of a device and a second partial private key obtained by dividing a second private key of a host device;
  
  a control unit which receives unique identifiers (IDs) and random numbers for the device and the host device, and determines whether the unique IDs are valid; and
  
  a mediation module which generates a first signature value by using the first partial private key and a second signature value by using the second partial private key, if the unique IDs are valid.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The mediation module of claim 13, wherein the device stores a third partial private key obtained by dividing the first private key, and the host device stores a fourth partial private key obtained by dividing the second private key.
  - 15. The mediation module of claim 14, wherein before receiving the unique IDs from the device, the device transmits to the host device a certificate on the device and a third signature value generated by using the third partial private key, and the host device transmits to the device a certificate on the host device and a fourth signature value generated by using the fourth partial private key.
  - 16. The mediation module of claim 15, wherein the device generates and verifies a total signature value for the host device by combining the second signature value with the fourth signature value after receiving the first and second signature values, and generates a first authentication key for the device.
  - 17. The mediation module of claim 16, wherein the host device generates and verifies a total signature value for the device by combining the first signature value with the third signature value after receiving the first signature value, and generates a second authentication key for the host device.
  - 18. The mediation module of claim 13, wherein the control unit checks whether the unique IDs are valid by using a certificate revocation list updated by a certification authority.

19. A device which performs a mutual authentication process with a host device by using a mediation module connected to the host device, the device comprising:
- a key generation unit which divides a first private key into first and second partial private keys;
  
  an interface which transmits the first partial private key and unique identifiers (IDs) and random numbers to the mediation module;
  
  a digital signature unit which generates a first signature value from the second partial private key, and transmits the first signature value to the host device via the interface; and
  
  a control unit which generates and verifies a total signature value for the host device by using a second signature value received from the mediation module if the unique IDs are valid, and generates a first authentication key.
- View Dependent Claims (20, 21, 22)
- - 20. The device of claim 19, wherein a second private key of the host device is divided into third and fourth partial private keys and the third partial private key is stored in the mediation module, and a third signature value generated by using the fourth partial private key.
  - 21. The device of claim 20, wherein if the unique IDs are valid, the control unit receives a fourth signature value generated by using the first partial private key and the second signature value generated by using the third partial private key, and generates and verifies a total signature value for the host device by combining the second signature value with the third signature value.
  - 22. The device of claim 21, wherein the fourth signature value is transmitted to the host device, and a content key for encrypting or decrypting a content is generated when a second authentication key generated by the host device is the same as the first authentication key.

23. A system which performs a mutual authentication process, the system comprising:
- a host device;
  
  a device; and
  
  a mediation module connected to the host device and the device,wherein the mediation module stores a first partial private key obtained by dividing a first private key of the device and a second partial private key obtained by dividing a second private key of the host device,wherein the device transmits to the host device a first signature value generated by using a third private key obtained by dividing the first private key, the host device transmits to the device a second signature value generated by using a fourth private key obtained by dividing the second private key, andwherein the device transmits unique identifiers (IDs) and random numbers to the mediation module, generates and verifies a total signature value for the host device by using a third signature value received from the mediation module if the unique IDs are valid, and generates a first authentication key.
- View Dependent Claims (24, 25, 26)
- - 24. The system of claim 23, wherein when the unique IDs are valid, the device receives the third signature value generated by using the second partial private key and a fourth signature value generated by using the a first partial private key from the mediation module, generates and verifies a total signature value for the host device by combining the third signature value with the second signature value, and generates a first authentication key.
  - 25. The system of claim 24, wherein the host device receives the fourth signature value from the device, generates and verifies a total signature value for the device by combining the fourth signature value with the first signature value, and generates a second authentication key.
  - 26. The system of claim 25, wherein when the first authentication key is the same as the second authentication key, the device and the host device generate a content key for encrypting or decrypting a content.

27. A computer-readable recording medium having embodied thereon a computer program for performing a method of mediating a mutual authentication process between a device and a host device, the method comprising:
- storing a first partial private key obtained by dividing a first private key of the device;
  
  storing a second partial private key obtained by dividing a second private key of the host device;
  
  receiving unique identifiers (IDs) and random numbers for the device and the host device from the device and determining whether the unique IDs are valid; and
  
  generating a first signature value by using the first partial private key and a second signature value by using the (second partial private key if the unique IDs are valid, and transmitting the generated first and second signature values to the device.

28. A computer-readable recording medium having embodied thereon a computer program for performing a mutual authentication method with a host device by using a mediation module connected to the host device, the mutual authentication method comprising:
- dividing the first private key into first and second partial private keys and transmitting the first partial private key to the mediation module;
  
  generating a first signature value from the second partial private key, and transmitting the first signature value to the host device;
  
  transmitting unique identifiers (IDs) and random numbers to the mediation module; and
  
  generating and verifying a total signature value for the host device by using a second signature value received from the mediation module, and generating a first authentication key, if the unique IDs are valid

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
JU, Hak-soo, Kim, Myung-sun, Moon, Ji-young

Application Number

US11/865,821
Publication Number

US 20080229104A1
Time in Patent Office

Days
Field of Search
US Class Current

713/169
CPC Class Codes

H04L 2209/603   Digital right managament [DRM]

H04L 2209/80   Wireless

H04L 9/3247   involving digital signatures

H04L 9/3268   using certificate validatio...

H04L 9/3273   for mutual authentication n...

MUTUAL AUTHENTICATION METHOD BETWEEN DEVICES USING MEDIATION MODULE AND SYSTEM THEREFOR

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

MUTUAL AUTHENTICATION METHOD BETWEEN DEVICES USING MEDIATION MODULE AND SYSTEM THEREFOR

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links