METHOD FOR ESTABLISHING A SECURE COMMUNICATION CHANNEL
First Claim
1. A method for establishing a secure communication channel between a client (C) and a remote server (S), said client (C) and remote server (S) exchanging data through an intermediate entity (G), said client (C) having a long-term key pair (skc,pkc), the method comprising:
- said remote server generating an ephemeral key (sks,pks), the method comprising a mutual authentication step wherein the client (C) sends a public key (pkc) of said long-term key pair (skc, pkc) and the proof that said public key (pkc) is valid to the server (S), and wherein the remote server (S) sends the public key (pks) of said ephemeral key pair (sks, pks) to the client (C), the client (C) generates an ephemeral key pair (skcc,pkcc) and sends the public key (pkcc) of said ephemeral key pair (skcc,pkcc) to the server (S) so as to generate a secret common to the client (C) and to the remote server (S) for opening the secure communication channel.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a method for establishing a secure communication channel between a client (C) and a remote server (S), said client (C) and remote server (S) exchanging data through an intermediate entity (G), said client (C) having a long-term key pair (skc,pkc), said remote server generating an ephemeral key (sks,pks), the method comprising a mutual authentication step wherein the client (C) sends a public key (pkc) of said long-term key pair (skc, pkc) and the proof that said public key (pkc) is valid to the server (S), and wherein the remote server (S) sends the public key (pks) of said ephemeral key pair (sks,pks) to the client (C). The client (C) generates an ephemeral key pair (skCc,pkCc) and sends the public key (pKcc) of said ephemeral key pair (skcc,pkcc) to the server (S) so as to generate a secret common to the client (C) and to the remote server (S) for opening the secure communication channel.
45 Citations
11 Claims
-
1. A method for establishing a secure communication channel between a client (C) and a remote server (S), said client (C) and remote server (S) exchanging data through an intermediate entity (G), said client (C) having a long-term key pair (skc,pkc), the method comprising:
- said remote server generating an ephemeral key (sks,pks), the method comprising a mutual authentication step wherein the client (C) sends a public key (pkc) of said long-term key pair (skc, pkc) and the proof that said public key (pkc) is valid to the server (S), and wherein the remote server (S) sends the public key (pks) of said ephemeral key pair (sks, pks) to the client (C), the client (C) generates an ephemeral key pair (skcc,pkcc) and sends the public key (pkcc) of said ephemeral key pair (skcc,pkcc) to the server (S) so as to generate a secret common to the client (C) and to the remote server (S) for opening the secure communication channel.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
Specification
-
- Resources
-
Current AssigneeThales DIS France SA
-
Original AssigneeGemalto SA (Thales SA)
-
InventorsGouget, Aline, Faher, Mourad
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current380/44
-
CPC Class CodesH04L 2209/76 Proxy, i.e. using intermedi...H04L 63/045 wherein the sending and rec...H04L 63/061 for key exchange, e.g. in p...H04L 63/0869 for achieving mutual authen...H04L 63/1466 Active attacks involving in...H04L 63/1475 Passive attacks, e.g. eaves...H04L 9/0819 Key transport or distributi...H04L 9/0844 with user authentication or...H04L 9/0877 using additional device, e....H04L 9/3273 for mutual authentication n...
