Process for authentication, by an outside medium, of a portable object connected to that medium via a transmission line and system for carrying out the process
First Claim
1. A process for authentication of a portable object (7) by an outside medium (1), in which the portable object is connected to a terminal (4,5) linked to the outside medium (1) via a transmission line (2,3), and the portable object contains processing circuits and a memory with at least one secret piece of data (Si, Sn, S7) and one non-secret piece of data (Ni, Nn, N7) specific to that object, comprising the steps of:
having that object transmit the non-secret piece of data specific to that object to the outside medium;
having the processing circuits (10) in the medium use that piece of data and look in a control table (11) managed by the outside medium to find the result (Ra) of a calculation made during the last authentication of that object and a first parameter (Ea) taken into account to make that calculation;
having this first parameter (Ea) transmitted to the object;
having a second parameter (Eb) generated by a generator (101) of the outside medium and transmitted to the object;
having the processing circuits of the object calculate a first result (R'a) taking into account at least the first parameter (Ea) and the secret piece of data contained in the object;
having those same processing circuits calculate a second result (Rb) taking into account at least the second parameter (Eb) and the secret piece of data;
transmitting the first and second results to the terminal, coding the unit composed of the first and second results in the terminal, so as to obtain a third result and transmitting this third result to the outside medium via the transmission line (2,3);
decoding this third result in the outside medium to find the first and second results;
comparing the first result of the decoding in the outside medium with the result of the calculation made during the last authentication of this object and stored in the control table (11); and
considering the object authentic if it matches and, in that case, replacing the result of the calculation made during the preceding authentication in the control table with the second result decoded by the outside medium, and replacing the first parameter with the second parameter generated during the authentication in progress.
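A simulation of the exchange in claim 1, added here as an illustration and not taken from the patent. HMAC-SHA256 stands in for the unspecified calculation, a fixed XOR pad for the terminal's coding, and the enrolment step, the pending-challenge store and all keys are constructed assumptions.

```python
import hashlib, hmac, secrets

def calc(secret, param):
    # Assumption: the claim leaves the calculation unspecified; HMAC-SHA256 stands in.
    return hmac.new(secret, param, hashlib.sha256).digest()

def link_xor(data, link_key):
    # Assumption: placeholder reversible terminal "coding" (fixed 64-byte pad), not a real cipher.
    return bytes(a ^ b for a, b in zip(data, hashlib.sha512(link_key).digest()))

class PortableObject:
    def __init__(self, n, secret):
        self.n, self._s = n, secret            # non-secret N, secret S
    def respond(self, ea, eb):
        return calc(self._s, ea), calc(self._s, eb)   # (R'a, Rb)

class OutsideMedium:
    def __init__(self, link_key):
        self.link_key, self.table, self.pending = link_key, {}, {}
    def challenge(self, n):
        ea, _ = self.table[n]                  # first parameter, from the last authentication
        self.pending[n] = secrets.token_bytes(16)     # second parameter Eb, freshly generated
        return ea, self.pending[n]
    def verify(self, n, third):
        eb = self.pending.pop(n)
        plain = link_xor(third, self.link_key)        # decode the third result
        r_a, rb = plain[:32], plain[32:]
        if not hmac.compare_digest(r_a, self.table[n][1]):
            return False                       # mismatch: control table left untouched
        self.table[n] = (eb, rb)               # match: (Eb, Rb) replace (Ea, Ra)
        return True

def authenticate(medium, card, link_key):
    ea, eb = medium.challenge(card.n)
    r_a, rb = card.respond(ea, eb)
    third = link_xor(r_a + rb, link_key)       # terminal codes the pair of results
    return medium.verify(card.n, third), third

def run_demo():
    link_key, secret = b"constructed-link-key", b"constructed-secret-S7"
    medium, card = OutsideMedium(link_key), PortableObject("N7", secret)
    e0 = secrets.token_bytes(16)
    medium.table["N7"] = (e0, calc(secret, e0))       # enrolment (assumed, not in the claim)
    first_ok, captured = authenticate(medium, card, link_key)
    second_ok, _ = authenticate(medium, card, link_key)
    medium.challenge("N7")                     # new session; old coded response is replayed
    replay_ok = medium.verify("N7", captured)
    before = medium.table["N7"]
    clone_ok, _ = authenticate(medium, PortableObject("N7", b"wrong"), link_key)
    return first_ok, second_ok, replay_ok, clone_ok, medium.table["N7"] == before
```

The medium's table holds only the last parameter and result, never the secret, and a response captured from one session no longer matches once the table has rolled forward.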
Abstract
A process of authentication, by an outside medium, of a portable object connected to that medium via a transmission line and a system for carrying out the process. To authenticate a portable object (7) connected to a terminal linked to the outside medium by a transmission line, the outside medium (1) manages a control table (11) containing a non-secret piece of data (N7) specific to each object that can be identified, as well as a parameter (Ea) and a result (Ra) entered in the control table during the preceding authentication of the object. A new parameter (Eb), produced by the medium during authentication, is used to calculate a new result (Rb) in the object. The old result is recalculated. If it matches the one in the table (11), the object is authenticated, and the new parameter (Eb) and result (Rb) are entered in the control table in place of the preceding ones. The process is well suited for use in protecting computer networks.
Specification