METHOD AND APPARATUS FOR PERFORMING AUTHENTICATION BETWEEN CLIENTS USING SESSION KEY SHARED WITH SERVER

US 20080301436A1
Filed: 11/29/2007
Published: 12/04/2008
Est. Priority Date: 06/01/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method of performing authentication in which a first client sharing a first session key with a server performs authentication with a second client sharing a second session key with the server, the method comprising:

receiving first authentication information generated using the second session key from the server;

receiving second authentication information generated using the second session key from the second client; and

determining whether the authentication with the second client is successful using the first authentication information and the second authentication information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided is a method and apparatus for performing authentication between clients that complete authentication with a server. The method includes receiving first authentication information generated using the second session key from the server; receiving second authentication information generated using the second session key from the second client; and determining whether the authentication with the second client is successful using the first authentication information and the second authentication information.

71 Citations

View as Search Results

13 Claims

1. A method of performing authentication in which a first client sharing a first session key with a server performs authentication with a second client sharing a second session key with the server, the method comprising:
- receiving first authentication information generated using the second session key from the server;
  
  receiving second authentication information generated using the second session key from the second client; and
  
  determining whether the authentication with the second client is successful using the first authentication information and the second authentication information.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising generating a first random number and transmitting the generated first random number to the second client,wherein the first authentication information is a first hash value with respect to the second session key and the second authentication information is a second hash value with respect to both the first random number and the first authentication information.
  - 3. The method of claim 2, wherein the determining comprises:
    - calculating a third hash value with respect to both the first random number and the first authentication information;
      
      comparing the calculated third hash value with the received second authentication information; and
      
      determining that the authentication with the second client is successful if the calculated third hash value is equal to the received second authentication information.
  - 4. The method of claim 2, further comprising:
    - receiving a second random number generated by the second client from the second client;
      
      generating third authentication information that is a fourth hash value with respect to both the received second random number and the second hash value with respect to the first session key; and
      
      transmitting the generated third authentication information to the second client.
  - 5. The method of claim 2, wherein the receiving the first authentication information comprises:
    - receiving data obtained by encrypting the first authentication information with the first session key; and
      
      decrypting the received data.
  - 6. The method of claim 1, wherein the server is a digital right management (DRM) server, the first client is a DRM client, and the second client is a host device in which the DRM client is installed.

7. A computer-readable recording medium having recorded thereon a program for executing a method of performing authentication in which a first client sharing a first session key with a server performs authentication with a second client sharing a second session key with the server, the method comprising:
- receiving first authentication information generated using the second session key from the server;
  
  receiving second authentication information generated using the second session key from the second client; and
  
  determining whether the authentication with the second client is successful using the first authentication information and the second authentication information.

8. An apparatus for performing authentication, the apparatus comprising:
- a communication unit which receives first authentication information generated using a second session key from a server and receives second authentication information generated using the second session key from a second client; and
  
  a determination unit which determines whether the authentication with the second client is successful using the first authentication information and the second authentication information.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The apparatus of claim 8, further comprising a random number generation unit which generates a first random number,wherein the communication unit transmits the generated first random number to the second client.
  - 10. The apparatus of claim 9, wherein the first authentication information is a first hash value with respect to the second session key and the second authentication information is a second hash value with respect to both the first random number and the first authentication information, andthe determination unit calculates a third hash value with respect to both the first random number and the first authentication information, compares the calculated third hash value with the received second authentication information, and determines that the authentication with the second client is successful if the calculated third hash value is equal to the received second authentication information.
  - 11. The apparatus of claim 10, wherein the communication unit receives a second random number generated by the second client from the second client and transmits third authentication information that is a fourth hash value with respect to both the received second random number and the second hash value with respect to the first session key to the second client, and the determination unit generates the third authentication information.
  - 12. The apparatus of claim 8, further comprising a decryption unit which decrypts data encrypted with the first session key, wherein the communication unit receives the first authentication information in a state encrypted with the first session key.
  - 13. The apparatus of claim 8, wherein the server is a digital right management (DRM) server, the first client is a DRM client, and the second client is a host device in which the DRM client is installed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
YOU, Yong-kuk, YAO, Jun, LEE, Choong-hoon

Application Number

US11/947,211
Publication Number

US 20080301436A1
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

H04L 2209/603   Digital right managament [DRM]

H04L 9/321   involving a third party or ...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3271   using challenge-response

METHOD AND APPARATUS FOR PERFORMING AUTHENTICATION BETWEEN CLIENTS USING SESSION KEY SHARED WITH SERVER

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

71 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR PERFORMING AUTHENTICATION BETWEEN CLIENTS USING SESSION KEY SHARED WITH SERVER

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

71 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links