Secure one-way authentication communication system
First Claim
1. A method of authenticating at least one of a pair of first and second correspondents C and T in a data communication system, said method comprising the steps of:
- storing a public key in said first correspondent C;
computing a shared secret by said second correspondent T incorporating said public key C;
storing said shared secret in said first correspondent C;
said second correspondent T generating a challenge value χ and
transmitting said challenge signal χ
to said first correspondent C;
said first correspondent C transmitting to the second correspondent T information including said stored public key C;
said second correspondent T computing a test shared secret from said received public key C;
said first and second correspondents computing response signals using said challenge value χ and
said shared secret in a one-way function ƒ
1; and
said first correspondent C transmitting said computed response signal to said second correspondent T whereby said second correspondent may verify said first correspondent.
1 Assignment
0 Petitions
Accused Products
Abstract
A protocol for authenticating at least one of a pair of first and second correspondents C and T in a data communication system, the method comprising the steps or storing a public key in the first correspondent C; computing a shared secret by the second correspondent T incorporating the public key C; storing the shared secret in the first correspondent C: the second correspondent T generating a challenge value a; the first correspondent C transmitting to the second correspondent T information including the stored public key C; the second correspondent T computing a test shared secret from the received public key C; the first and second correspondents computing response signals using the challenge value z and the shared secret in a one-way function fr; and the first correspondent C transmitting the computed response signal to the second correspondent T whereby the second correspondent verifies the first correspondent.
39 Citations
12 Claims
-
1. A method of authenticating at least one of a pair of first and second correspondents C and T in a data communication system, said method comprising the steps of:
-
storing a public key in said first correspondent C;
computing a shared secret by said second correspondent T incorporating said public key C;
storing said shared secret in said first correspondent C;
said second correspondent T generating a challenge value χ and
transmitting said challenge signal χ
to said first correspondent C;
said first correspondent C transmitting to the second correspondent T information including said stored public key C;
said second correspondent T computing a test shared secret from said received public key C;
said first and second correspondents computing response signals using said challenge value χ and
said shared secret in a one-way function ƒ
1; and
said first correspondent C transmitting said computed response signal to said second correspondent T whereby said second correspondent may verify said first correspondent. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
private keys ti corresponding to respective first correspondents; receiving from said first correspondent C an identification index i; and
using said corresponding private key ti and the public key C to compute a shared secret ssi.
-
-
9. A method as defined in claim 1, said public key scheme being an elliptic curve scheme.
-
10. A method as defined in claim 1, said public key scheme being an RSA type scheme.
-
11. A method of authenticating at least one of a pair of correspondents T and C in an information exchange session, and wherein one of the correspondents T includes a secret key t and the other correspondent C has a public key C and a shared secret value tC derived from said public key C and said secret key t, the method comprising the steps of:
-
the first correspondent C transmitting to the second correspondent T information including said public key C;
the second correspondent T generating a challenge signal χ and
transmitting said challenge signal χ
to said first correspondent C;
said second correspondent T generating a session shared secret ss by combining said private key t with said public key C of said first correspondent C;
said second correspondent T generating a response signal kt by combining said session shared secret ss with said challenge signal χ
, in a mathematical function ƒ
1;
said first correspondent C generating a response value kc by combining said shared secret tC with said challenge value χ
in said mathematical function ƒ
1 and sending said response value kc to said second correspondent T; and
said second correspondent T comparing said response test value k1 to said challenge response value kc to verify said first correspondent C.
-
-
12. An article of manufacture comprising:
-
a computer usable medium having computer readable program code embodied therein for authenticating at least one of a pair of correspondents T and C in an information exchange session, and wherein one of the correspondents T includes a secret key t and the other correspondent C has a public key C and a shared secret value tC derived from said public key C and said secret key t, the computer readable program code in said article of manufacture comprising;
computer readable program code configured to cause a computer to generate a challenge signal χ and
transmit said challenge signal χ
to said first correspondent C in response to a received public information from said first correspondent;
computer readable program code configured to cause a computer to generate a session shared secret ss by combining said private key t with said public key C of said first correspondent C;
computer readable program code configured to cause a computer to generate a test response signal kt by combining said session shared secret ss with said challenge signal χ
, in a mathematical function ƒ
1;
computer readable program code configured to cause a computer to compare said response test signal kt to a received response value kc from said first correspondent to verify said first correspondent C.
-
Specification