Exchange certificate for one way validation of information
First Claim
1. A method for transmitting a value K'"'"' of a variable, between a first user A of a communications system and a second user B, and for validating said value K'"'"', said users sharing a common secret key S and having established a first communication session identified by a first unique session freshness proof N2 known to both user A and user B, said method being characterized in that it comprises the steps of:
- a. transmitting from A to B said value K'"'"' by means of an exchange certificate comprising at least two fields M1 and M2 of the minimum form;
M1=f( S, K'"'"', . . . )M2=g( S, K'"'"', N2, c1, . . . )wherein f( ) and g( ) are functions such that,f( S, K'"'"', . . . )=m1 cannot be solved for K'"'"' without knowledge of S, m1 being a given value of field M1 and,g( S, K'"'"', N2, c1, . . . )=m2 cannot be solved for K'"'"' without knowledge of S, m2 being a given value of field M2;
and wherein,c1 is an exchange counter controlled by A and representative of the number of values of said variable exchanged between user A and user B during said first communication session;
b. processing by B of said exchange certificate M comprising the steps of;
•
deriving from said exchange certificate M said value K'"'"' as a result of solving for K'"'"' equation;
space="preserve" listing-type="equation">f( S, K'"'"', . . . )=M1; and
•
validating said value K'"'"' as a result of the verification of a set of validation conditions comprising at least an equation of the minimum form;
space="preserve" listing-type="equation">g( S, K'"'"', N2, c2, . . . )=M2 wherein,c2 is an exchange counter controlled by B and representative of the number of values of said variable exchanged between user A and user B during said first communication session.c. interrupting at the initiative of either A or B said first communication session between A and B and opening a second communication session identified by a second unique session freshness proof upon occurrence of anyone of a set of session reset conditions, said set of reset conditions comprising failure of at least one of said validation conditions.
1 Assignment
0 Petitions
Accused Products
Abstract
In a communications system, a method is described allowing two users having established a communication session identified by a unique session freshness proof, to transmit and validate a new value of a variable by using an exchange certificate which combines the following elements: the new value of the variable, a common secret key known by both users, an exchange counter representative of the number of values of said variable transmitted between the two users during the current communication session and a session freshness proof. Protection against potential eavesdroppers and intruders is provided by combining cryptographically the elements of the exchange certificate. Further protection is obtained by interrupting the current communication session and opening a new one characterized by a new unique session freshness proof when the exchange counter reaches its maximum value; thus avoiding the risk that the same value of the session freshness keeps being used when the exchange counter is reset to its initial value. Consequently a given pair of values of the session freshness proof and of the exchange counter will never be used more than one time, making eavesdropping and, replaying attacks from intruders more difficult. Preferably, the method used for opening a new communication session uses already known authentication methods based on the common secret key.
51 Citations
18 Claims
-
1. A method for transmitting a value K'"'"' of a variable, between a first user A of a communications system and a second user B, and for validating said value K'"'"', said users sharing a common secret key S and having established a first communication session identified by a first unique session freshness proof N2 known to both user A and user B, said method being characterized in that it comprises the steps of:
-
a. transmitting from A to B said value K'"'"' by means of an exchange certificate comprising at least two fields M1 and M2 of the minimum form; M1=f( S, K'"'"', . . . ) M2=g( S, K'"'"', N2, c1, . . . ) wherein f( ) and g( ) are functions such that, f( S, K'"'"', . . . )=m1 cannot be solved for K'"'"' without knowledge of S, m1 being a given value of field M1 and, g( S, K'"'"', N2, c1, . . . )=m2 cannot be solved for K'"'"' without knowledge of S, m2 being a given value of field M2; and wherein, c1 is an exchange counter controlled by A and representative of the number of values of said variable exchanged between user A and user B during said first communication session; b. processing by B of said exchange certificate M comprising the steps of; •
deriving from said exchange certificate M said value K'"'"' as a result of solving for K'"'"' equation;
space="preserve" listing-type="equation">f( S, K'"'"', . . . )=M1; and•
validating said value K'"'"' as a result of the verification of a set of validation conditions comprising at least an equation of the minimum form;
space="preserve" listing-type="equation">g( S, K'"'"', N2, c2, . . . )=M2 wherein,c2 is an exchange counter controlled by B and representative of the number of values of said variable exchanged between user A and user B during said first communication session. c. interrupting at the initiative of either A or B said first communication session between A and B and opening a second communication session identified by a second unique session freshness proof upon occurrence of anyone of a set of session reset conditions, said set of reset conditions comprising failure of at least one of said validation conditions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for transmitting a value K'"'"' of a variable, between a first user A of a communications system and a second user B, and for validating said value K'"'"', said users sharing a common secret key S and having established a first communication session identified by a first unique session freshness proof N2 known to both user A and user B, said system comprising:
-
a. means for transmitting from A to B said value K'"'"' by means of an exchange certificate comprising at least two fields M1 and M2 of the minimum form; M1=f(S, K'"'"', . . . ) M2=g(S, K'"'"', N2, c1, . . . ) wherein F() and g() are functions such that, f(S, K'"'"', . . . )=m1 cannot be solved for K'"'"' without knowledge of S, m1 being a given value of field M1 and, g(S, K'"'"', N2, c1, . . .)=m2 cannot be solved for K'"'"' without knowledge of S, m2 being a given value of field M2; and wherein, c1 is an exchange counter controlled by A and representative of the number of values of said variable exchanged between user A and user B during said first communication session; b. means for processing by B of said exchange certificate M comprising; means for deriving from said exchange certificate M said value K'"'"' as a result of solving for K'"'"' equation;
space="preserve" listing-type="equation">f(S, K'"'"', . . . )=M1; andmeans for validating said value K'"'"' as a result of the verification of a set of validation conditions comprising at least an equation of the minimum form;
space="preserve" listing-type="equation">g(S, K'"'"', N2, c2, . . .)=M2 wherein,c2 is an exchange counter controlled by B and representative of the number of values of said variable exchanged between user A and user B during said first communication session; c. means for interrupting at the initiative of either A or B said first communication session between A and B and opening a second communication session identified by a second unique session freshness proof upon occurrence of any one of a set of session reset conditions, said set of reset conditions comprising failure of at least one of said validation conditions. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18)
-
Specification