METHOD AND DEVICE FOR MUTUAL AUTHENTICATION
Abstract
A method of authenticating communication between a first and second party (or node) over an insecure, high bandwidth communications network, in which the first party (C) authenticates the second party (M) using a communications protocol comprising a first communications phase through a first communications channel over the insecure, high bandwidth communications network to establish a secure mode of communications between the first and second party, followed by a second communications phase of receiving information from the second party over a second communications channel, such as an empirical channel, and enabling a user to make a human comparison of the information received from the second party with information generated by the first party thereby enabling the user to authenticate the second party in the event of the information from both parties agrees.
30 Claims
1. A method of authenticating communication between a first and second party (or node) over an insecure, high bandwidth communications network, in which the first party (C) authenticates the second party (M) using a communications protocol comprising a first communications phase through a first communications channel over the insecure, high bandwidth communications network to establish a secure mode of communications between the first and second party, followed by a second communications phase of receiving information from the second party over a second communications channel, such as an empirical channel, and enabling a user to make a human comparison of the information received from the second party with information generated by the first party thereby enabling the user to authenticate the second party in the event of the information from both parties agrees.
2. A method of authenticating communication by a first node with a second node over an insecure communications network, comprising:
an agreement stage comprising agreeing a hash function and communications protocol;
a first message stage comprising sending a first message from the second node to the first node comprising a longhash element,
a second communication stage comprising the second node communicating to the first node a first argument operated on by the agreed hash function to provide a longhash element,
a third message stage comprising sending a second message from the first node to the second node enabling the second node to determine the data committed by the longhash element it received,
a fourth message stage comprising sending a second message from the second node to the first node enabling the first node to determine the data committed by the longhash element it received,
a digest stage wherein the first and second node generate a digest using at least the two pieces of committed data thereby to enable the user of the first node to authenticate the second node by human comparison of both the digests.
4. (canceled)
14. (canceled)
17. (canceled)
24. The security device for enabling authentication of a merchant to a customer over an insecure communications network, the security device comprising a processor adapted to perform encrypted communication of data via a data transfer interface to the communications network, and a user interface enabling user input of data and output of data to a user, the security device further being adapted to enable communication of secure information, such as financial data, to a third party, such as a bank, via the data transfer interface over the insecure communications network after the user has authenticated the identity of the merchant using the security device.
28. (canceled)
30. (canceled)
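The longhash commitment, reveal and digest stages of claim 2, sketched as an added Python example that is not part of the patent text. Assumptions: SHA-256 stands in for the agreed longhash, the digest is a truncated SHA-256, the committed data is a random value plus constructed key bytes, and the `relay` hook models the insecure network; all names are hypothetical.

```python
import hashlib
import hmac
import secrets

def longhash(data: bytes) -> bytes:
    # Assumption: SHA-256 stands in for the agreed "longhash" function.
    return hashlib.sha256(data).digest()

def short_digest(first: bytes, second: bytes, bits: int = 20) -> str:
    # Assumption: the digest is a truncated SHA-256 over both revealed values,
    # short enough for a person to compare by eye or read out.
    h = hashlib.sha256(len(first).to_bytes(4, "big") + first + second).digest()
    return format(int.from_bytes(h, "big") >> (256 - bits), "x").zfill((bits + 3) // 4)

class Node:
    def __init__(self, info: bytes):
        # Committed data: a fresh random value plus this node's public info.
        self.opening = secrets.token_bytes(32) + info
        self.peer_opening = None

    def commitment(self) -> bytes:
        return longhash(self.opening)

    def accept_reveal(self, peer_commitment: bytes, peer_opening: bytes) -> None:
        # Reject a reveal that does not open the longhash received earlier.
        if not hmac.compare_digest(longhash(peer_opening), peer_commitment):
            raise ValueError("revealed data does not match longhash")
        self.peer_opening = peer_opening

def run_exchange(relay=lambda commitment, opening: (commitment, opening), bits=20):
    # Key bytes below are constructed sample values.
    c, m = Node(b"constructed-customer-key"), Node(b"constructed-merchant-key")
    # relay models the insecure network carrying M's longhash and, later,
    # M's reveal to C; by default it delivers both unchanged.
    m_commit_seen, m_open_seen = relay(m.commitment(), m.opening)
    c.accept_reveal(m_commit_seen, m_open_seen)
    m.accept_reveal(c.commitment(), c.opening)
    # Each side derives the digest from (C's data, M's data) as it saw them.
    digest_c = short_digest(c.opening, c.peer_opening, bits)
    digest_m = short_digest(m.peer_opening, m.opening, bits)
    return digest_c, digest_m  # the user compares these over the second channel
```

When the network delivers both messages unchanged the two digests agree; if M's longhash and reveal are replaced in transit, the digest C computes no longer matches the one M shows over the second channel.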
Specification