Process for the authentication of a data processing system by another data processing system
First Claim
1. A process for authentication of a first data processing system by a second data processing system, and comprising, supplying an identity code (ID) from said first system to said second system to permit said second system to check said identity code for agreement, supplying a random number (ALEA-A) from said second system to said first system if said agreement is found whereby to permit said first system to encode said random number using a signature algorithm (B) using a secret key (SID) whereby to generate a first signed random number (ALEA-S), and supplying said first signed random number from said first system to said second system to permit said second system to apply a signature checking algorithm (T,B,C) to said first signed random number;
- and wherein, the first system includes a data processing terminal including a memory for being programmed and for storing data, said identity code and an encrypted secret key (KID) are stored in said memory, and the secret key used for the signature of the random number is determined with aid of a decrypting algorithm (INVA) using the encrypted secret key (KID) and a password (MP) supplied by a user to the terminal.
Abstract
A process is provided for authentication in a data processing system using a data processing terminal having a programmable memory. The terminal supplies to a server an identity code (ID), the server checks the identity code, and in the case of agreement, supplies a random number (ALEA-A) to the terminal. The terminal encodes the random number using a signature algorithm (B) defined by a secret key (SID), and supplies a first signed random number (ALEA-S) to the server, which applies a signature checking algorithm (T, B, C) to the number (ALEA-S). The identity code and an encrypted secret key (KID) are written into the memory. The secret key (SID) used for the signature of the random number is determined using a decrypting algorithm (INVA) using the encrypted secret key (KID) and a password (MP) supplied by the terminal user. Particular utility for the present invention is found in the area of data processing, although other utilities are also contemplated.
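The exchange described in the abstract, as an added Python sketch that is not taken from the patent. The concrete algorithms are assumptions: HMAC-SHA256 stands in for the signature algorithm (B), a PBKDF2 keystream XOR stands in for the decrypting algorithm (INVA), and the server is assumed to hold SID per ID and check ALEA-S by recomputation; the `salt` value and all class and function names are hypothetical.

```python
import hashlib, hmac, secrets

def _stream(mp: str, salt: bytes, n: int) -> bytes:
    # Assumption: a PBKDF2 keystream stands in for the password-keyed cipher.
    return hashlib.pbkdf2_hmac("sha256", mp.encode(), salt, 100_000, dklen=n)

def inva(kid: bytes, mp: str, salt: bytes) -> bytes:
    """INVA stand-in: recover SID from KID and the password MP (XOR, so the
    same call also produces KID from SID at enrolment)."""
    return bytes(a ^ b for a, b in zip(kid, _stream(mp, salt, len(kid))))

def sign(sid: bytes, alea_a: bytes) -> bytes:
    """B stand-in: ALEA-S = HMAC-SHA256(SID, ALEA-A)."""
    return hmac.new(sid, alea_a, hashlib.sha256).digest()

class Server:
    def __init__(self):
        self.sid_by_id, self.pending = {}, {}   # assumption: server holds SID per ID

    def challenge(self, ident: str):
        if ident not in self.sid_by_id:          # identity check fails: no ALEA-A
            return None
        self.pending[ident] = secrets.token_bytes(16)
        return self.pending[ident]

    def verify(self, ident: str, alea_s: bytes) -> bool:
        alea_a = self.pending.pop(ident, None)   # each ALEA-A is single use
        if alea_a is None:
            return False
        return hmac.compare_digest(sign(self.sid_by_id[ident], alea_a), alea_s)

class Terminal:
    def __init__(self, ident: str, kid: bytes, salt: bytes):
        self.ident, self.kid, self.salt = ident, kid, salt   # SID is never stored

    def respond(self, alea_a: bytes, mp: str) -> bytes:
        return sign(inva(self.kid, mp, self.salt), alea_a)

def enroll(server: Server, ident: str, mp: str) -> Terminal:
    sid, salt = secrets.token_bytes(32), secrets.token_bytes(16)
    server.sid_by_id[ident] = sid
    return Terminal(ident, inva(sid, mp, salt), salt)        # stores KID only

def authenticate(server: Server, term: Terminal, mp: str) -> bool:
    alea_a = server.challenge(term.ident)
    return alea_a is not None and server.verify(term.ident, term.respond(alea_a, mp))
```

In this sketch a wrong password still decrypts KID to some key, so the terminal cannot tell locally that MP was wrong; the mismatch only surfaces when the server rejects ALEA-S.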
28 Citations
4 Claims
Specification