Authentication in a packet data system
Abstract
A communication system in which a user device (10) generates authentication information (32) unique to the user device and provides a data packet (35) including this authentication information to an infrastructure part which is a gateway (14) or a host (16). The packet also contains a host identifier (36) or time dependent information (202). This is used at the gateway (14) or the host (16) to authenticate the packet.
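An added sketch, not taken from the patent, of the exchange the abstract and claims 1 and 11 describe; it goes slightly beyond either claim by combining the host-identifier and time-dependent variants in one tag. Assumed here: HMAC-SHA256 as the one-way function, a per-device secret already shared with the infrastructure part, 30-second time slots, the dict packet layout, and all function and field names.

```python
import hashlib
import hmac
import struct

SLOT_SECONDS = 30  # assumed granularity of the time dependent information


def derive_host_key(device_secret: bytes, host_id: bytes) -> bytes:
    """Per-host key: one-way derivation from device secret and host identifier."""
    return hmac.new(device_secret, b"host-key|" + host_id, hashlib.sha256).digest()


def auth_info(key: bytes, device_id: bytes, slot: int) -> bytes:
    """Authentication information: a MAC that reveals neither the key nor the slot."""
    return hmac.new(key, device_id + struct.pack(">Q", slot), hashlib.sha256).digest()


def build_packet(device_secret, device_id, host_id, payload, now):
    """User device: the packet carries the host identifier and the tag."""
    key = derive_host_key(device_secret, host_id)
    slot = int(now) // SLOT_SECONDS
    return {"device_id": device_id, "host_id": host_id,
            "auth": auth_info(key, device_id, slot), "payload": payload}


def verify_packet(packet, secrets_by_device, now, skew_slots=1):
    """Infrastructure part: regenerate the corresponding value and compare."""
    secret = secrets_by_device.get(packet["device_id"])
    if secret is None:
        return False
    # The key is rebuilt from the host identifier carried in the packet.
    key = derive_host_key(secret, packet["host_id"])
    current = int(now) // SLOT_SECONDS
    ok = False
    for slot in range(max(0, current - skew_slots), current + skew_slots + 1):
        expected = auth_info(key, packet["device_id"], slot)
        ok |= hmac.compare_digest(expected, packet["auth"])  # constant-time compare
    return ok


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    db = {b"dev-10": b"constructed-device-secret"}
    pkt = build_packet(db[b"dev-10"], b"dev-10", b"host-16", b"hello", 1_700_000_000)
    print(verify_packet(pkt, db, 1_700_000_000))
```

In this sketch the tag binds device, host and time slot but not the payload, so a captured packet verifies again until its slot leaves the accepted window; covering the payload or tracking seen tags would close that gap.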
32 Claims
1. A communications system comprising a user device and an infrastructure part including a host,
the user device being arranged to:
generate authentication information unique to the user device, wherein the authentication information is derived from a key that is uniquely derived from a host identifier that identifies the host, and wherein the key is substantially not reversibly ascertainable from the authentication information;
generate a data packet including the authentication information and the host identifier; and
send the data packet to the infrastructure part; and
the infrastructure part being arranged to:
generate corresponding authentication information, using at least the host identifier from the data packet; and
combine the authentication information from the user device with the corresponding authentication information to identify a correspondence therebetween and to thereby authenticate the data packet.

6. A communications system comprising a user device and an infrastructure part including a host,
the user device being arranged to:
generate authentication information unique to the user device, wherein the authentication information is derived from a key that is substantially not reversibly ascertainable from the authentication information;
generate a first data packet including the authentication information;
send the first data packet to the infrastructure part;
start a timer which sets a time-out; and
send at least a second data packet within the time-out time as part of a session that is common to the first and second data packets; and
the infrastructure part being arranged to:
generate corresponding authentication information; and
combine the authentication information from the user device with the corresponding authentication information to identify a correspondence therebetween and to thereby authenticate the data packet and establish a time-limit session between the user device and the host.

11. A communications system comprising a user device and an infrastructure part including a host,
the user device being arranged to:
generate authentication information unique to the user device, wherein the authentication information is derived from a key and time dependent information, and wherein the key and the time dependent information are substantially not reversibly ascertainable from the authentication information;
generate a data packet including the authentication information; and
send the data packet to the infrastructure part; and
the infrastructure part being arranged to:
generate corresponding authentication information and time dependent information; and
combine the authentication information from the user device with the corresponding authentication information and time dependent information to identify a correspondence therebetween and to thereby authenticate the packet.

17. A method of communicating in a communications system comprising a user device and an infrastructure part including a host, the method comprising:
generating, at the user device, authentication information unique to the user device, wherein the authentication information is derived from a key that is uniquely derived from a host identifier that identifies the host, and wherein the key is substantially not reversibly ascertainable from the authentication information;
generating a data packet including the authentication information and the host identifier;
sending the data packet to the infrastructure part;
generating, at the infrastructure part, corresponding authentication information, using at least the host identifier from the data packet; and
combining, at the infrastructure part, the authentication information from the user device with the corresponding authentication information to identify a correspondence therebetween and to thereby authenticate the data packet.

22. A method of communicating in a communications system comprising a user device and an infrastructure part, the method comprising:
generating, at the user device, authentication information unique to the user device, wherein the authentication information is derived from a key that is substantially not reversibly ascertainable from the authentication information;
generating a first data packet including the authentication information;
sending the first data packet to the infrastructure part;
starting a timer which sets a time-out time;
sending at least a second data packet within the time-out time as part of a session that is common to the first and second data packets;
generating, at the infrastructure part, corresponding authentication information; and
combining the authentication information from the user device with the corresponding authentication information to identify a correspondence therebetween and to thereby authenticate the packet and establish a time-limited session between the user device and the host device.

27. A method of communicating in a communications system comprising a user device and an infrastructure part including a host, the method comprising:
generating, at the user device, authentication information unique to the user device, wherein the authentication information is derived from a key and time dependent information, and wherein the key and the time dependent information are substantially not reversibly ascertainable from the authentication information;
generating a data packet including the authentication information;
sending the data packet to the infrastructure part;
generating, at the infrastructure part, corresponding authentication information and time dependent information; and
combining the authentication information from the user device with the corresponding authentication information and time dependent information to identify a correspondence therebetween and to thereby authenticate the data packet.