Method for the computer-aided exchange of cryptographic keys between a user computer unit U and a network computer unit N

US 6,064,741 A
Filed: 10/10/1997
Issued: 05/16/2000
Est. Priority Date: 04/13/1995
Status: Expired due to Term

First Claim

Patent Images

1. A method for computer-aided exchange of cryptographic keys between a user computer unit and a network computer unit comprising the steps of:

generating a first random number;

calculating, using the first random number, a first value with a generating element of a finite group in the network computer unit;

forming a first message, which has at least the first value, in the network computer unit;

transmitting the first message by the network computer unit to the user computer unit;

generating a second random number in the user computer unit;

forming, using the second random number, a second value with a generating element of a finite group in the user computer unit;

calculating a first interim key in the user computer unit by raising a public network key to a power of the second random number;

calculating a first encoded term in the user computer unit by encoding an identity indication of the user computer unit with the first interim key using a cryptographic function;

calculating a second interim key in the user computer unit by the first value being raised to a power of a secret user key;

calculating a session key in the user computer unit by an operation on the first interim key with the second interim key;

forming a second message, which has at least the second value and at least the first encoded term, in the user computer unit;

transmitting a second message by the user computer unit to the network computer unit;

calculating the first interim key in the network computer unit by the second value being raised to a power of a secret network key;

calculating the second interim key in the network computer unit in that a public user key is raised to a power of the first random number;

calculating the session key in the network computer unit by operation on the first interim key with the second interim key;

decoding the first encoded term in the network computer unit; and

checking the identity indication of the user computer unit in the network computer unit.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The method is for the exchange of cryptographic keys, in which the length of the transmitted messages is significantly reduced and the security properties of the method are considerably increased in comparison with known methods.

In a network computer unit and in a user computer unit, a first interim key and a second interim key are formed as a function of generated random numbers.

A session key is calculated by a bit-by-bit exclusive-OR operation on the first interim key and the second interim key. The keys are never transmitted in plain text. By use of a function, which for example may be a symmetric cryptographic function, a hash function or a one-way function, the network computer unit and the user computer unit authenticate each other.

58 Citations

View as Search Results

9 Claims

1. A method for computer-aided exchange of cryptographic keys between a user computer unit and a network computer unit comprising the steps of:
- generating a first random number;
  
  calculating, using the first random number, a first value with a generating element of a finite group in the network computer unit;
  
  forming a first message, which has at least the first value, in the network computer unit;
  
  transmitting the first message by the network computer unit to the user computer unit;
  
  generating a second random number in the user computer unit;
  
  forming, using the second random number, a second value with a generating element of a finite group in the user computer unit;
  
  calculating a first interim key in the user computer unit by raising a public network key to a power of the second random number;
  
  calculating a first encoded term in the user computer unit by encoding an identity indication of the user computer unit with the first interim key using a cryptographic function;
  
  calculating a second interim key in the user computer unit by the first value being raised to a power of a secret user key;
  
  calculating a session key in the user computer unit by an operation on the first interim key with the second interim key;
  
  forming a second message, which has at least the second value and at least the first encoded term, in the user computer unit;
  
  transmitting a second message by the user computer unit to the network computer unit;
  
  calculating the first interim key in the network computer unit by the second value being raised to a power of a secret network key;
  
  calculating the second interim key in the network computer unit in that a public user key is raised to a power of the first random number;
  
  calculating the session key in the network computer unit by operation on the first interim key with the second interim key;
  
  decoding the first encoded term in the network computer unit; and
  
  checking the identity indication of the user computer unit in the network computer unit.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1,wherein session key is calculated in the user computer unit by a bit-by-bit exclusive-OR operation on the first interim key with the second interim key, andwherein the session key is calculated in the network computer unit by a bit-by-bit exclusive-OR operation on the first interim key with the second interim key.
  - 3. The method according to claim 1,wherein a first response is formed in the user computer unit by applying a function to a user constant, and the session key is formed,wherein a second message additionally has at least the first response, andwherein the first response is checked in the network computer unit.
  - 4. The method according to claim 1,wherein a response is calculated in the network computer unit by applying a function to a network constant, and the session key is formed,wherein a third message is transmitted by the network computer unit to the user computer unit, the third message containing at least the response, andwherein the response is checked in the user computer unit.
  - 5. The method according to claim 1, wherein a certification message is transmitted by the user computer unit to the network computer unit at a beginning of the method, the certification message containing at least one identity indication of a certification computer unit which supplies a network certificate which is verifiable by the user computer unit.
  - 6. The method according to claim 1,wherein the first message additionally has a network certificate of the public network key of the network computer unit,wherein the network certificate is verified in the user computer unit,wherein the first encoded term is formed in the user computer unit by encoding a user certificate of a public user key of the user computer unit with the first interim key using a cryptographic function;
    - andwherein the user certificate is verified in the network computer unit.
  - 7. The method according to claim 1,wherein a function is one of a symmetric cryptographic algorithm, a hash algorithm or a one-way function,wherein checking of a first response in the network computer unit comprises applying the function to the user constant and to the session key calculated in the network computer unit, and checking a result thereof for matching with the first response, andwherein checking of a second response in the user computer unit comprises applying the function to a network constant and to the session key calculated in the user computer unit, and checking an result thereof for matching with the second response.
  - 8. The method according to claim 3,wherein the function is a symmetric cryptographic algorithm,wherein checking of a first response in the network computer unit comprises decoding the first response in the network computer unit with the session key calculated in the network computer unit, and comprising a decoded user constant with the user constant, andwherein checking of a second response in the user computer unit comprising decoding the second response in the user computer unit with the session key calculated in the user computer unit, and comparing a decoded network constant with the network constant.
  - 9. The method according to claim 4,wherein a function is a symmetric cryptographic algorithm,wherein checking of a first response in the network computer unit comprises decoding the first response in the network computer unit with the session key calculated in the network computer unit, and comprising a decoded user constant with the user constant, andwherein checking of a second response in the user computer unit comprising decoding the second response in the user computer unit with the session key calculated in the user computer unit, and comparing a decoded network constant with the network constant.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Siemens AG
Original Assignee
Siemens AG
Inventors
Muller, Klaus, Horn, Gunther, Kessler, Volker
Primary Examiner(s)
Swann, Tod R.
Assistant Examiner(s)
Darrow, Justin T.

Application Number

US08/945,157
Time in Patent Office

949 Days
Field of Search

380/21, 380/23, 380/28, 380/30, 380/283, 380/285, 713/201, 713/169, 713/171
US Class Current

380/285
CPC Class Codes

H04L 2209/80 Wireless network architectu...

H04L 9/0841 involving Diffie-Hellman or...

Method for the computer-aided exchange of cryptographic keys between a user computer unit U and a network computer unit N

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

58 Citations

9 Claims

Specification

Use Cases

Quick Links

Others

Method for the computer-aided exchange of cryptographic keys between a user computer unit U and a network computer unit N

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

9 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others