METHOD OF AUTHENTICATION AND SESSION KEY AGREEMENT FOR SECURE DATA TRANSMISSION, A METHOD FOR SECURELY TRANSMITTING DATA, AND AN ELECTRONIC DATA TRANSMISSION SYSTEM

US 20120082312A1
Filed: 10/04/2011
Published: 04/05/2012
Est. Priority Date: 10/05/2010
Status: Active Grant

First Claim

Patent Images

1. A method of authentication and session key agreement for secure data transmission between a first data communication entity and a second data communication entity in an electronic data transmission system, the method comprising:

in a commitment phase in both the first data communication entity and the second data communication entity, providing a password pw, and parameters g, p, and q with G={g^rmod p;

1≦

r<

p}, where G is a finite cyclic group with a large prime order p, g is a primitive root modulo p in G so that, for any xY [1, p−

1], there always exists a value r to meet the formula g^rmod p=x;

in the first data communication entity,generating a first symmetric encryption key by applying a hash function to the password;

pwa=H(pw |ID_a), wherein ID_ais an identity of a first user using the first data communication entity;

generating a first temporary private key r_aε

_R[1,p−

1] and a first shadow private key s_aε

_R[1, 2^L−

1], where L is a block size of an encryption algorithm;

generating a first temporary public key t_a=g^raand a first shadow public u_a=g^sa;

generating a first modular sum;

W_a=t_a+u_a;

encrypting the first shadow private key with the first symmetric encryption key using the encryption algorithm;

ES_a=E_pwa{s_a}; and

transmitting the identity of the first user, the first modular sum, and the encrypted first shadow private key from the first data communication entity to the second data communication entity over a communication channel provided in the electronic data transmission system;

in the second data communication entity,generating a second symmetric encryption key by applying the hash function to the password;

pwb=H(pw | ID_b), wherein ID_bis an identity of a second user using the second data communication entity;

generating a second temporary private key r_bε

_R[1,p−

1] and a second shadow private key s_bε

_R[1, 2^L−

1], where L is a block size of the encryption algorithm;

generating a second temporary public key t_b=g^rband a second shadow public u_b=g^sb;

generating a second modular sum;

W_b=t_b+u_b;

encrypting the second shadow private key with the second symmetric encryption key using an AES encryption;

ES_b=E_pwb{s_b}; and

transmitting the identity of the second user, the second modular sum, and the encrypted second shadow private key from the second data communication entity to the first data communication entity over the communication channel provided in the electronic data transmission system; and

in a confirmation phase,in the first data communication entity,if for the second modular sum W_b≠

0, decrypting the second shadow private key by using the second symmetric encryption key;

s_b=D_pwb{ES_b};

generating a first confirmation key by using the following formula;

CK_a=(W_b−

g^sb)_ra=g^rbra;

generating a first verification tag;

V_a=H(CK_a| ID_a| ID_b| W_a| W_b| ES_a| ES_b| pwa |

0); and

transmitting the first verification tag from the first data communication entity to the second data communication entity over the communication channel provided in the electronic data transmission system, andin the second data communication entity,verifying the first verification tag;

decrypting the first shadow private key by using the first temporary private key;

s_a=D_pwa{ES_a};

generating a second confirm key by using the following formula;

CK_b=(W_a−

g^sa)^rb=g^rarb;

generating a second verification tag;

V_b=H(CK_b| ID_a| ID_b| W_a| W_b| ES_a| ES_b| pwb |

1); and

transmitting the second verification tag from the second data communication entity to the first data communication entity over the communication channel provided in the electronic data transmission system, andin the first data communication entity, verifying the second verification tag; and

generating a shared session key in the first and second data communication entity;

SK=H(CK_a| ID_a| ID_b| W_a| W_b|1 ES_a| ES_b) and SK=H(CK_b| ID_a| ID_b| W_a| W_b| ES_a| ES_b).

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a method of authentication and session key agreement for secure data transmission between a first and second data communication entity in an electronic data transmission system. Furthermore, the invention relates to an electronic transmission system to perform a method of authentication and session key agreement.

Citations

5 Claims

1. A method of authentication and session key agreement for secure data transmission between a first data communication entity and a second data communication entity in an electronic data transmission system, the method comprising:
- in a commitment phase in both the first data communication entity and the second data communication entity, providing a password pw, and parameters g, p, and q with G={g^rmod p;
  
  1≦
  
  r<
  
  p}, where G is a finite cyclic group with a large prime order p, g is a primitive root modulo p in G so that, for any xY [1, p−
  
  1], there always exists a value r to meet the formula g^rmod p=x;
  
  in the first data communication entity,generating a first symmetric encryption key by applying a hash function to the password;
  
  pwa=H(pw |ID_a), wherein ID_ais an identity of a first user using the first data communication entity;
  
  generating a first temporary private key r_aε
  
  _R[1,p−
  
  1] and a first shadow private key s_aε
  
  _R[1, 2^L−
  
  1], where L is a block size of an encryption algorithm;
  
  generating a first temporary public key t_a=g^raand a first shadow public u_a=g^sa;
  
  generating a first modular sum;
  
  W_a=t_a+u_a;
  
  encrypting the first shadow private key with the first symmetric encryption key using the encryption algorithm;
  
  ES_a=E_pwa{s_a}; and
  
  transmitting the identity of the first user, the first modular sum, and the encrypted first shadow private key from the first data communication entity to the second data communication entity over a communication channel provided in the electronic data transmission system;
  
  in the second data communication entity,generating a second symmetric encryption key by applying the hash function to the password;
  
  pwb=H(pw | ID_b), wherein ID_bis an identity of a second user using the second data communication entity;
  
  generating a second temporary private key r_bε
  
  _R[1,p−
  
  1] and a second shadow private key s_bε
  
  _R[1, 2^L−
  
  1], where L is a block size of the encryption algorithm;
  
  generating a second temporary public key t_b=g^rband a second shadow public u_b=g^sb;
  
  generating a second modular sum;
  
  W_b=t_b+u_b;
  
  encrypting the second shadow private key with the second symmetric encryption key using an AES encryption;
  
  ES_b=E_pwb{s_b}; and
  
  transmitting the identity of the second user, the second modular sum, and the encrypted second shadow private key from the second data communication entity to the first data communication entity over the communication channel provided in the electronic data transmission system; and
  
  in a confirmation phase,in the first data communication entity,if for the second modular sum W_b≠
  
  0, decrypting the second shadow private key by using the second symmetric encryption key;
  
  s_b=D_pwb{ES_b};
  
  generating a first confirmation key by using the following formula;
  
  CK_a=(W_b−
  
  g^sb)_ra=g^rbra;
  
  generating a first verification tag;
  
  V_a=H(CK_a| ID_a| ID_b| W_a| W_b| ES_a| ES_b| pwa |
  
  0); and
  
  transmitting the first verification tag from the first data communication entity to the second data communication entity over the communication channel provided in the electronic data transmission system, andin the second data communication entity,verifying the first verification tag;
  
  decrypting the first shadow private key by using the first temporary private key;
  
  s_a=D_pwa{ES_a};
  
  generating a second confirm key by using the following formula;
  
  CK_b=(W_a−
  
  g^sa)^rb=g^rarb;
  
  generating a second verification tag;
  
  V_b=H(CK_b| ID_a| ID_b| W_a| W_b| ES_a| ES_b| pwb |
  
  1); and
  
  transmitting the second verification tag from the second data communication entity to the first data communication entity over the communication channel provided in the electronic data transmission system, andin the first data communication entity, verifying the second verification tag; and
  
  generating a shared session key in the first and second data communication entity;
  
  SK=H(CK_a| ID_a| ID_b| W_a| W_b|1 ES_a| ES_b) and SK=H(CK_b| ID_a| ID_b| W_a| W_b| ES_a| ES_b).
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method according to claim 1, wherein the encryption algorithm is an AES encryption.
  - 3. The method according to claim 1, wherein in the electronic data transmission system, data are exchanged over a wireless data connection between the first data communication entity and the second data communication entity.
  - 4. A method of securely transmitting electronic data between a first data communication entity and a second data communication entity in an electronic data transmission system, the method comprising:
    - providing a data transmission channel between the first data communication entity and the second data communication entity in the electronic data transmission system,performing an authentication and a session key agreement for secure data transmission between the first data communication entity and the second data communication entity according to the method of claim 1; and
      
      transmitting electronic data between the first data communication entity and the second data communication entity using a shared session key in the first and second data communication entities.
  - 5. An electronic data transmission system, comprising:
    - a first data communication entity;
      
      a second data communication entity; and
      
      a data transmission channel connecting the first a data communication entity and the second data communication entity;
      
      wherein the first data communication entity and the second data communication entity are configured, by at least one of software and hardware modules, to perform an authentication and a session key agreement for secure data transmission according to the method in claim 1.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Brandenburgische Technische Universitã¤T Cottbus
Original Assignee
Brandenburgische Technische Universitaet Cottbus- Senftenberg
Inventors
Liu, Fuwen, König, Hartmut

Granted Patent

US 8,443,194 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/262
CPC Class Codes

H04L 9/0844 with user authentication or...

H04L 9/0863 involving passwords or one-...

METHOD OF AUTHENTICATION AND SESSION KEY AGREEMENT FOR SECURE DATA TRANSMISSION, A METHOD FOR SECURELY TRANSMITTING DATA, AND AN ELECTRONIC DATA TRANSMISSION SYSTEM

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

5 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD OF AUTHENTICATION AND SESSION KEY AGREEMENT FOR SECURE DATA TRANSMISSION, A METHOD FOR SECURELY TRANSMITTING DATA, AND AN ELECTRONIC DATA TRANSMISSION SYSTEM

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

5 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links