
Two-way public key authentication and key agreement for low-cost terminals

  • US 5,299,263 A
  • Filed: 03/04/1993
  • Issued: 03/29/1994
  • Est. Priority Date: 03/04/1993
  • Status: Expired due to Term
First Claim

1. A method for achieving mutual identification and session key agreement between a terminal and a server at the start of communication session comprising the steps of

(a) transmitting from the server to the terminal an identity j of the server, public key $N_j$ of the server and a certificate $C_j$ of the server which certificate $C_j$, if valid, is congruent to $\sqrt{h(j, N_j)} \bmod N_u$ where $N_j$ is a public key of the server, $N_u$ is a public key of a central authority, and h() signifies a one-way hashing function,

(b) at the terminal, verifying that said transmitted certificate $C_j$ received at the terminal satisfies $h(j, N_j) \equiv c_j^2 \bmod N_u$,

(c) at the terminal, choosing a random number $x \equiv (x_L, x_R)$ and obtaining $y \equiv x^2 \bmod N_j$ and transmitting y to said server,

(d) at said server, performing the modular square root operation to obtain $x = (x_L, x_R) \equiv \sqrt{y} \bmod N$ by using secret keys of the server $p_j, q_j$, such that $N_j = p_j q_j$, and transmitting $x_L$ back to the terminal,

(e) transmitting, from the terminal to the server, an identity i of the terminal, a public key $P_i$ of the terminal, and a certificate $c_i$ of the terminal which certificate $c_i$, if valid, is congruent to $\sqrt{h(i, P_i)} \bmod N_u$, wherein the identity i, the public key $P_i$ and the certificate $c_i$ are encrypted using $x_R$ as a session key,

(f) at the server, verifying that the received certificate $c_i$ satisfies $h(i, P_i) \equiv C_i^2 \bmod N_u$,

(g) computing at the terminal a signature S(m) based on a challenge message m sent by the server by applying an asymmetric signature operation to said challenge message m, and transmitting the signature to the server in encrypted form using $x_R$ as a session key, and

(h) verifying the signature at the server.
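Steps (a) to (d) of the claim, worked through as an added example that is not part of the patent text: the terminal needs only modular squarings, while the server and the authority take square roots using their secret factors. Assumptions not stated on the page: the toy Mersenne-prime keys, SHA-256 as h(), a salt folded into the identity so that the hash is a square, x chosen as a square so the server's principal root equals it, and the 96-bit split of x into (xL, xR).

```python
import hashlib, secrets
# Constructed toy keys (Mersenne primes, all ≡ 3 mod 4); far too weak for real use.
PU, QU = 2**89 - 1, 2**107 - 1        # central authority's secret factors, Nu = PU*QU
PJ, QJ = 2**61 - 1, 2**127 - 1        # server's secret factors, Nj = PJ*QJ
HALF = 96                             # bit width of xR (assumed split of x)

def blum_sqrt(a, p, q):
    """Principal square root of a mod p*q (p, q ≡ 3 mod 4), or None if a is no square."""
    n = p * q
    sp, sq = pow(a, (p + 1) // 4, p), pow(a, (q + 1) // 4, q)
    r = (sp * q * pow(q, -1, p) + sq * p * pow(p, -1, q)) % n   # CRT recombination
    return r if r * r % n == a % n else None

def h(ident, key, modulus):
    """One-way hash h(identity, public key), reduced mod the authority's modulus."""
    digest = hashlib.sha256(f"{ident}|{key}".encode()).digest()
    return int.from_bytes(digest, "big") % modulus

def issue_cert(ident, key):
    """Authority side. Assumption: a salt in the identity is varied until h() is a square."""
    for salt in range(256):
        j = f"{ident}#{salt}"
        c = blum_sqrt(h(j, key, PU * QU), PU, QU)
        if c is not None:
            return j, c
    raise RuntimeError("no square found")

def verify_cert(j, nj, cj, nu):
    """Step (b): a single modular squaring at the terminal."""
    return h(j, nj, nu) == cj * cj % nu

def terminal_pick(nj):
    """Step (c). Assumption: x is itself a square, so the server's principal root is x."""
    r = secrets.randbelow(nj - 2) + 2
    x = r * r % nj
    return x, x * x % nj              # (secret x, transmitted y)

def server_root(y):
    """Step (d): recover x with pj, qj; return (xL sent back, xR kept as session key)."""
    x = blum_sqrt(y, PJ, QJ)
    return x >> HALF, x & ((1 << HALF) - 1)

def handshake():
    nu, nj = PU * QU, PJ * QJ
    j, cj = issue_cert("server-7", nj)               # step (a) payload: j, Nj, Cj
    cert_ok = verify_cert(j, nj, cj, nu)
    x, y = terminal_pick(nj)
    xl, xr = server_root(y)
    return cert_ok, xl == x >> HALF, xr == x & ((1 << HALF) - 1)
```

A matching xL shows the terminal that the peer knows the factors of Nj, and xR never crosses the link, which is why the claim can use it as the session key in steps (e) and (g).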
