Administration and utilization of secret fresh random numbers in a networked environment
First Claim
1. A method of administration of secret fresh random numbers for use by users in a networked environment to which a server is coupled, there being associated with each user a unique respective set including an ID, a private key, and a public key corresponding to the private key, and with the server a private key and a public key, said method comprising, at the server:
- receiving via the network a user's ID;
- generating at least a first random number;
- forming an encrypted component using the public key of the user, said encrypted component containing at least the first random number in encrypted form;
- forming a freshness value corresponding to a current date/time;
- hashing together items including the first random number and the freshness value to form a first hash;
- forming a first signature of the first hash using the private key of the server;
- sending to the user via the network a package including at least the encrypted component, freshness value, and first signature;
- receiving a second signature of a second hash which has been formed by signing data from said package, derived at least from the first random number, said second signature being formed using the private key of the user; and
- first verifying, using the public key of the user, whether the second signature is for the same first random number as was sent by the server.
Abstract
In a public key cryptosystem employing the El-Gamal algorithm, secret fresh random numbers are generated at a server and private keys of users, as encrypted with a symmetric algorithm by using individual user identifying keys determined by hashing the users' respective passphrases or biometric information (fingerprint, voiceprint, retina scan, or face scan) are maintained in a store accessible to the server, and the fresh random numbers and encrypted private keys are transmitted to the user equipment when needed via a network which is not secure. In order to prevent an attacker from discovering the random numbers or employing formerly used random numbers in a block replay attack, an interchange in the nature of a challenge response protocol is employed which passes at least one secret fresh random number from the server to the user equipment while also authenticating the user to the server. In this interchange, a first random number to be distributed to the user for use in signing a document and a second random number which is to be used by the user in forming a signature of a hashing together of the first and second random numbers as part of the challenge response protocol, are supplied to the user equipment in encrypted form together with a freshness value, and a signature by the server of a hashing together of the first and second random numbers and the freshness value.
20 Claims
9. A method for obtaining and using secret fresh random numbers at user equipment in a networked environment to which a server is coupled, there being associated with each user a unique respective set including an ID, a private key, and a public key corresponding to the private key, and with the server a private key and a public key, said method comprising, at the user equipment:
- transmitting an ID of a user;
- receiving a package including an encrypted component containing at least a first random number in encrypted form, which encrypted component has been produced using the private key of the user, a freshness value corresponding to a date/time, and a first signature of a first hash, said first hash having been formed by hashing together items including said first random number and the freshness value, and said first signature having been formed using the private key of the server;
- decrypting the at least first random number using the public key of the user;
- determining whether the current date/time is no more than a predetermined amount later than the freshness value;
- independently computing the first hash;
- verifying the first signature using the public key of the server and the independently computed first hash; and
- if the results of the determining and verifying are positive;
- forming a second signature of data from said package, derived from at least the first random number using the private key of the user; and
- sending the second signature via the network.
17. A server system for supplying items for a plurality of users for use in signature or encryption operations employing the El-Gamal algorithm, there being associated with each user a unique respective set including a private key, and a public key corresponding to the private key, and with the server a private key and a public key, said system comprising:
- a random number generator for generating at least first, second, third, and fourth random numbers; and
- means for forming a package including
  - an encrypted component containing at least the first and second random numbers encrypted together using the public key of a user and the third random number;
  - a freshness value; and
  - a first signature of a first hash formed by hashing together said first random number, at least another random number contained in said package in encrypted form, and said freshness value, said first signature being formed using the private key of the server and the fourth random number.
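
The interchange described in the abstract and in claims 1 and 9, with both sides' steps, as an added example that is not taken from the patent. It assumes a toy 127-bit group, SHA-256 as the hash, integer timestamps and a 60-second freshness window, and it encrypts the two random numbers separately rather than together; all function names are hypothetical.

```python
import hashlib, math, secrets

P = 2**127 - 1   # toy prime, an assumption; far too small for real use
G = 3            # assumed base; the checks below hold for any base

def H(*items):   # "hashing together" the items, reduced to an exponent
    data = "|".join(str(i) for i in items).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (P - 1)

def fresh():     # secret random number, invertible mod P-1 so it can sign
    while True:
        k = secrets.randbelow(P - 3) + 2
        if math.gcd(k, P - 1) == 1:
            return k

def keygen():
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def encrypt(pub, m, k):
    return pow(G, k, P), m * pow(pub, k, P) % P

def decrypt(priv, c):
    return c[1] * pow(c[0], P - 1 - priv, P) % P

def sign(priv, h, k):                      # El-Gamal signature (r, s)
    r = pow(G, k, P)
    return r, (h - priv * r) * pow(k, -1, P - 1) % (P - 1)

def verify(pub, h, sig):
    r, s = sig
    return 0 < r < P and pow(G, h, P) == pow(pub, r, P) * pow(r, s, P) % P

def server_package(user_pub, srv_priv, now):
    r1, r2 = fresh(), fresh()              # first and second random numbers
    enc = [encrypt(user_pub, r, fresh()) for r in (r1, r2)]
    sig1 = sign(srv_priv, H(r1, r2, now), fresh())
    return (r1, r2), {"enc": enc, "fresh": now, "sig1": sig1}

def user_respond(user_priv, srv_pub, pkg, now, max_age=60):
    r1, r2 = (decrypt(user_priv, c) for c in pkg["enc"])
    if not 0 <= now - pkg["fresh"] <= max_age:
        return None                        # stale package: possible replay
    if not verify(srv_pub, H(r1, r2, pkg["fresh"]), pkg["sig1"]):
        return None                        # package not signed by the server
    return sign(user_priv, H(r1, r2), r2)  # r2 is the signing number; r1 is kept

def server_check(user_pub, sent, sig2):
    return sig2 is not None and verify(user_pub, H(*sent), sig2)
```

Because r2 serves as the signing number, anyone who learns it together with the second signature can solve the signature equation for the user's private key, which is why the package carries it only in encrypted form.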
Specification