Cryptographic method for key agreement and user authentication
Abstract
Protocols for session key agreement and authentication in a communication system such as a portable communication system make use of public key cryptographic techniques. The protocols of the present invention are especially suited for use in a portable communication system because portable telephones are required by the inventive protocols to perform only a minimal amount of processing, while assigning the heavier computations to the network. The inventive protocols also authenticate the weaker (i.e. portable) side. The protocols also ensure that a third party cannot trace the location of a user by eavesdropping on a radio signal transmitted by a portable telephone.
23 Claims
1. A method for enabling a user terminal i and a network access unit j in a communication system to choose a session key for a communication session comprising the steps of:
- at the start of a communication session, transmitting a public key from the network access unit to the user terminal via a communication channel,
- at the user terminal, utilizing an electronic device to select a number x and to perform a public operation on the number x utilizing the public key received from the network access unit,
- transmitting via said communication channel the result of said public operation from said user terminal to said network access unit, and
- at said network access unit, performing a secret operation on said result utilizing a secret key of the network access unit to invert said public operation to compute the number x.
5. The method of claim 1 wherein said user terminal has a secret key $S_i$ and a public key $P_i$ and wherein said network access unit has a further secret key $S_j$ and a further public key $P_j$ such that $P_j^{S_i} \equiv P_i^{S_j} \bmod N$, where N is a modulus and wherein said method further comprises the steps of
- transmitting $P_j$ to said user terminal,
- transmitting $P_i$ to said network access unit,
- evaluating at said user terminal $\eta \equiv P_j^{S_i} \bmod N$ and determining a session key $sk = f(x, \eta)$ where f is an encipherment function,
- evaluating at said network access unit $\eta \equiv P_i^{S_j} \bmod N$ and determining said session key $sk = f(x, \eta)$ whereby both said network access unit and said user terminal are in possession of said session key sk.
12. A method for enabling a user terminal and a network access unit in a communication system to choose a session key for a communication session comprising the steps of
- at the start of a communication session, transmitting via a communication channel from a network access unit to a user terminal a modulus $N_j$, $N_j = p_j q_j$, where $p_j$ and $q_j$ are large prime numbers known only to the network access unit j,
- utilizing an electronic device at the user terminal to select a number x and to evaluate a quantity $e_1 = y(x) \bmod N_j$, where y(x) is a function which is hard to invert without knowledge of the factors $p_j$ and $q_j$,
- transmitting via said communication channel the quantity $e_1$ from said user terminal to said network access unit,
- at said network access unit, determining $x = y^{-1}(e_1) \bmod N_j$, whereby the number x is now known to said user terminal and said network access unit, and
- utilizing said number x as a session key to send encrypted messages between said user terminal and said network access unit.
18. A method for enabling a user terminal and a network access unit in a communication system to choose a session key for a communication session comprising the steps of:
- at the start of a communication session, transmitting via a communication channel from the network access unit to the user terminal a public key of said network access unit,
- at said user terminal, utilizing an electronic processor to select a number x and to generate a quantity $e_1 = y(x)$ where y(x) is a function that is evaluated utilizing said public key and that is hard to invert without knowledge of a secret key known only to said network access unit,
- transmitting via said communication channel said quantity $e_1$ from said user terminal to said network access unit, and
- at said network access unit, determining $x = y^{-1}(e_1)$ utilizing said secret key, whereby said number x is now known to said user terminal and said network access unit.
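The exchange of claim 12 combined with the key derivation of claim 5, as an added example that is not part of the patent text. It assumes y(x) = x² mod N_j (Rabin squaring, which the claims do not name), a redundancy pattern in x so the network can pick the right square root, a base G for the claim 5 public keys, and SHA-256 as f; all parameters are constructed toy values.

```python
import hashlib
import secrets

# Constructed toy parameters: Mersenne primes, both congruent to 3 mod 4.
P_J, Q_J = 2**31 - 1, 2**61 - 1      # secret factors p_j, q_j held by access unit j
N_J = P_J * Q_J                      # modulus N_j sent to the terminal
N, G = 2**127 - 1, 3                 # assumed modulus N and base for claim 5

def terminal_pick_x():
    """Select x with redundancy (assumption) so the right root is recognisable."""
    r = secrets.randbits(32)
    return (r << 32) | r

def public_op(x, n_j=N_J):
    """e1 = y(x) mod N_j with y(x) = x^2: one modular multiplication on the handset."""
    return x * x % n_j

def secret_op(e1, p=P_J, q=Q_J):
    """x = y^{-1}(e1) mod N_j using the factors; None if no root has the redundancy."""
    rp = pow(e1, (p + 1) // 4, p)    # square root mod p (valid because p % 4 == 3)
    rq = pow(e1, (q + 1) // 4, q)    # square root mod q
    q_inv = pow(q, -1, p)
    for sp in (rp, p - rp):
        for sq in (rq, q - rq):
            x = sq + q * ((sp - sq) * q_inv % p)   # CRT combination of the two roots
            if x < 2**64 and x >> 32 == x & 0xFFFFFFFF:
                return x
    return None

def session_key(x, peer_public, own_secret):
    """sk = f(x, eta) with eta = peer_public^own_secret mod N; f = SHA-256 (assumption)."""
    eta = pow(peer_public, own_secret, N)
    return hashlib.sha256(x.to_bytes(8, "big") + eta.to_bytes(16, "big")).digest()

def run_exchange():
    """Run both sides once and return (terminal's sk, network's sk)."""
    s_i, s_j = secrets.randbelow(N - 2) + 1, secrets.randbelow(N - 2) + 1
    p_i, p_j = pow(G, s_i, N), pow(G, s_j, N)     # long-term public keys P_i, P_j
    x = terminal_pick_x()
    e1 = public_op(x)                             # terminal -> network
    x_net = secret_op(e1)                         # network inverts with p_j, q_j
    return session_key(x, p_j, s_i), session_key(x_net, p_i, s_j)
```

The terminal's per-session cost is one modular squaring plus one exponentiation for η, while the square-root extraction falls on the network side, matching the asymmetry the abstract describes.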
Specification