METHOD OF AUTHENTICATING A FIRST AND A SECOND ENTITY AT A THIRD ENTITY
Abstract
A method is provided for authenticating a first entity and a second entity at a third entity. The first and third entities share a first secret key, and the second and third entities share a second secret key. The method includes the steps of: dispatching, by the third entity to the first entity, of a challenge; calculation by the first entity, using the first secret key, of an authentication value; dispatching, by the first entity to the second entity, of the authentication value; calculation by the second entity, using the second secret key, of an authentication response; dispatching, by the second entity to the third entity, of the authentication response; calculation by the third entity of an expected authentication response; and comparison of the received authentication response with the calculated expected authentication response.
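The exchange the abstract describes, as an added example that is not taken from the patent. HMAC-SHA256 stands in for both the first entity's calculation and the second entity's "cipher algorithm"; the function names, the 16-byte random challenge and the single-use challenge rule are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets


def keyed(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts (stand-in keyed function)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(4, "big") + p)
    return mac.digest()


def first_entity_value(k1: bytes, challenge: bytes) -> bytes:
    """First entity: authentication value from the challenge, under K1."""
    return keyed(k1, challenge)


def second_entity_response(k2: bytes, token: bytes, auth_value: bytes) -> bytes:
    """Second entity: response from the token and the received value, under K2."""
    return keyed(k2, token, auth_value)


class ThirdEntity:
    """Verifier holding both secret keys and the token."""

    def __init__(self, k1: bytes, k2: bytes, token: bytes):
        self.k1, self.k2, self.token = k1, k2, token
        self.challenge = None

    def new_challenge(self) -> bytes:
        self.challenge = secrets.token_bytes(16)
        return self.challenge

    def verify(self, response: bytes) -> bool:
        if self.challenge is None:
            return False
        # Expected response recomputed from the token and the challenge only.
        expected = keyed(self.k2, self.token, keyed(self.k1, self.challenge))
        self.challenge = None  # assumption of this sketch: single-use challenge
        return hmac.compare_digest(expected, response)


def run(k1_dev: bytes, k2_dev: bytes, verifier: ThirdEntity) -> bool:
    """One full exchange: challenge -> value -> response -> comparison."""
    c = verifier.new_challenge()
    value = first_entity_value(k1_dev, c)
    response = second_entity_response(k2_dev, verifier.token, value)
    return verifier.verify(response)
```

A single accepted response shows that both keys were used on the same fresh challenge, and the third entity never sees the intermediate authentication value.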
12 Claims
1. A method for authenticating a first entity and a second entity by using a third entity, said first and third entities sharing a first secret key, said second and third entities sharing a second secret key, wherein the method comprises steps of:
- the third entity sending to the first entity a challenge,
- the first entity using the first secret key to calculate an authentication value on the basis of the received challenge,
- the first entity sending the second entity the calculated authentication value,
- the second entity using a cipher algorithm parameterized by the second secret key to calculate an authentication response, on the basis of a token that is known to the third entity and to the second entity and on the basis of the authentication value received from the first entity,
- the second entity sending to the third entity the authentication response,
- the third entity using the first and second secret keys to calculate an expected authentication response, on the basis of the token and the challenge, and
- the received authentication response being compared with the calculated expected authentication response.
Dependent claims: 4, 5, 6, 7.
2. A method for authenticating a first and a second entity by using a third entity, said first and third entities sharing a first secret key, said second and third entities sharing a second secret key, wherein the method comprises steps of:
- a challenge being sent to the first entity,
- a cipher algorithm, which is parameterized by the second secret key, being used to calculate an expected authentication response, on the basis of a token that is known to the third entity and to the second entity, and a signature for the challenge using the first secret key,
- a response to said challenge being received from the second entity, and
- the received response being compared with the calculated authentication response.
3. A method for authenticating a group made up of at least two entities with a third entity, the third entity and a first entity from the group sharing a first secret key, the third entity and a second entity from the group sharing a second secret key, wherein said method comprises steps of:
- a challenge being received from the third entity,
- the first entity from the group using the first secret key to calculate an authentication value on the basis of the received challenge,
- the first entity sending to the second entity from the group the calculated authentication value,
- the second entity from the group using a cipher algorithm parameterized by the second secret key to calculate an authentication response, on the basis of a token that is known to the third entity and to the second entity and on the basis of the authentication value received from the first entity, and
- the second entity from the group sending to the third entity the calculated authentication response.
8. An authentication device configured to authenticate a first and a second entity, said device sharing a first secret key with the first entity, and a second secret key with the second entity, wherein said device comprises:
- sending means for sending a challenge to the first entity,
- calculation means for calculating, using a cipher algorithm, which is parameterized by the second secret key, an expected authentication response, on the basis of a token that is known to the authentication device and to the second entity, and a signature for the challenge using the first secret key,
- reception means for receiving a response to said challenge from the second entity, and
- comparison means for comparing the received response with the calculated authentication response.
9. A system comprising:
set of two entities comprising a first and a second entity, said set being configured for being authenticated by an authentication device, the authentication device sharing a first secret key with the first entity and a second key with the second entity, wherein said set comprises:
- reception means for receiving a challenge from the authentication device,
- first calculation means configured so that the first entity from the set uses the first secret key to calculate an authentication value on the basis of the challenge,
- transmission means configured so that the first entity transmits the authentication value to the second entity from the group,
- second calculation means configured so that the second entity uses a cipher algorithm parameterized by the second secret key to calculate an authentication response, on the basis of a token that is known to the authentication device and to the second entity and on the basis of the authentication value received from the first entity in the set, and
- sending means for sending to the authentication device the calculated authentication response.
Dependent claims: 10.
11. A non-transitory data storage medium comprising a computer program stored thereon and able to be loaded into the internal memory of an authentication device, the program comprising code portions for executing steps of a method for authenticating a first and a second entity by using the authentication device, when the program is executed on said authentication device, said first and third entities sharing a first secret key and said second and third entities sharing a second secret key, wherein the method comprises:
- sending a challenge from the authentication device to the first entity,
- using a cipher algorithm that is parameterized by the second secret key to calculate an expected authentication response on the basis of a token that is known to the authentication device and to the second entity, and a signature for the challenge using the first secret key,
- receiving a response to said challenge from the second entity, and
- comparing the received response with the calculated authentication response.
12. (canceled)
Specification