Strong mutual authentication of devices
Abstract
A method for enabling strong mutual authentication between two computers or devices in a communication system. A user attempting to gain access to a first computer transmits login information to the first computer. The first computer transmits a first message, including a first key encrypted by a second key, to the second computer. The first computer then transmits a second message to a third device. The second message includes the second key needed by the second computer to decrypt the first message. The third device uses the user's login information to obtain the user's private key, which the third device uses to obtain the second key. The third device transmits the second key in a third message to the second computer. The second computer then uses the second key to decrypt the first message and obtain the first key. Once the second computer obtains the first key, the second computer switches the role of the keys from the first message by encrypting the second key with the first key into a fourth message. The second computer transmits the fourth message to the server, and the first computer decrypts the fourth message using its first key. If the received second key is the same as the generated second key, the second computer is authenticated to the first computer.
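The following is an added worked example, not code from the patent or its assignee, that plays out the four messages of the abstract with the first computer, the second computer and the third device as three Python objects, and then shows why the final comparison matters by running the same exchange against an impostor on the first channel that never receives the third message. Two assumptions are labelled in the code: the cipher is a constructed stdlib-only encrypt-then-MAC toy, since the patent names none, and the user's "private key" is modelled as a symmetric secret shared with the third device at enrolment rather than a public-key pair. All names, the user "alice" and the key lengths are constructed for the example.

```python
import os
import hmac
import hashlib
from typing import Dict, Optional, Tuple

# --- Toy authenticated encryption (constructed for this example) -----------
# The patent does not name a cipher. This is an HMAC-SHA256 keystream with an
# encrypt-then-MAC tag, chosen only because it needs nothing outside the
# standard library. Not for production use.
NONCE_LEN, TAG_LEN = 16, 32

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt(key: bytes, blob: bytes) -> Optional[bytes]:
    # Returns None on a bad tag rather than raising, so every caller fails closed.
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

# --- The three parties of the abstract -------------------------------------
class ThirdDevice:
    """Holds each user's key (the abstract's 'private key'). Assumption: modelled as a
    symmetric secret shared at enrolment because the stdlib has no public-key
    primitives; with real key pairs the first computer would hold only the public half."""
    def __init__(self) -> None:
        self.user_keys: Dict[str, bytes] = {}

    def recover_second_key(self, login: str, second_message: bytes) -> Optional[bytes]:
        # Second message (channel 2) in, third-message payload (the second key K2) out.
        user_key = self.user_keys.get(login)
        return decrypt(user_key, second_message) if user_key else None

class SecondComputer:
    """The device being authenticated."""
    def __init__(self) -> None:
        self.first_message: Optional[bytes] = None

    def receive_first_message(self, first_message: bytes) -> None:
        self.first_message = first_message              # channel 1: E_K2(K1)

    def receive_third_message(self, k2: bytes) -> Optional[bytes]:
        # Channel 2 delivered K2: decrypt M1 to get K1, then swap roles into E_K1(K2).
        k1 = decrypt(k2, self.first_message) if self.first_message else None
        return encrypt(k1, k2) if k1 else None

class FirstComputer:
    def __init__(self, user_keys: Dict[str, bytes]) -> None:
        self.user_keys = user_keys   # enrolment table (same assumption as ThirdDevice)

    def start(self, login: str) -> Tuple[bytes, bytes, bytes, bytes]:
        k1, k2 = os.urandom(32), os.urandom(32)
        first_message = encrypt(k2, k1)                       # to second computer, channel 1
        second_message = encrypt(self.user_keys[login], k2)   # to third device, channel 2
        return k1, k2, first_message, second_message

    @staticmethod
    def verify(k1: bytes, k2: bytes, fourth_message: bytes) -> bool:
        received = decrypt(k1, fourth_message)
        # Constant-time equality: accept only if the returned K2 matches the generated one.
        return received is not None and hmac.compare_digest(received, k2)

def run_protocol(honest_second_computer: bool = True) -> bool:
    """Full exchange; True iff the first computer authenticates the second."""
    third = ThirdDevice()
    login, user_key = "alice", os.urandom(32)              # constructed enrolment
    third.user_keys[login] = user_key
    first, second = FirstComputer({login: user_key}), SecondComputer()

    k1, k2, m1, m2 = first.start(login)
    second.receive_first_message(m1)
    if honest_second_computer:
        k2_from_third = third.recover_second_key(login, m2)   # M3 over channel 2
        if k2_from_third is None:
            return False
        m4 = second.receive_third_message(k2_from_third)
    else:
        # An impostor that observed M1 on channel 1 but never received M3 cannot
        # recover K1, so the best it can do is send an unrelated fourth message.
        m4 = encrypt(os.urandom(32), os.urandom(32))
    return m4 is not None and first.verify(k1, k2, m4)

if __name__ == "__main__":
    print("honest device authenticated:", run_protocol(True))
    print("impostor authenticated:", run_protocol(False))
```

The design point the abstract relies on is that the second computer can only produce a fourth message the first computer accepts if it learned K2 through the second channel and K1 through the first; a party with access to only one channel fails the final comparison. The comparison itself uses `hmac.compare_digest` so that the check does not leak timing information about the expected value.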
37 Claims
1. A method for enabling strong mutual authentication on a computer network comprising the steps of:
- transmitting, by a first computer, a first encrypted message to a second computer over a first communication channel, said first encrypted message comprising a first authentication number encrypted with a second authentication number;
- receiving, by said second computer, a second message over a second communication channel, wherein said second message comprises said second authentication number used to decrypt said first encrypted message;
- receiving, by said first computer, from said second computer a third encrypted message over said first communication channel, said third encrypted message comprising said second authentication number encrypted with said first authentication number; and
- determining, by said first computer, said second authentication number of said third encrypted message is the same as said second authentication number used to encrypt said first encrypted message.

Dependent claims 2 to 17 are not reproduced here.
18. A system for enabling strong mutual authentication comprising:
- a first computer transmitting a first encrypted message over a first communication channel, said first encrypted message comprising a first authentication number encrypted with a second authentication number;
- a second computer receiving said first encrypted message over said first communication channel and said second computer receiving a second message over a second communication channel, said second message comprising said second authentication number used to decrypt said first encrypted message; and
- wherein said first computer receives from said second computer over said first communication channel a third encrypted message comprising said second authentication number encrypted with said first authentication number, and determines said second authentication number of said third encrypted message is the same as said second authentication number used to encrypt said first encrypted message.

Dependent claims 19 to 22 are not reproduced here.
23. An apparatus for enabling strong mutual authentication on a computer network comprising:
- means for transmitting, by a first computer, a first encrypted message to a second computer over a first communication channel, said first encrypted message comprising a first authentication number encrypted with a second authentication number;
- means for receiving, by said second computer, a second message over a second communication channel, wherein said second message comprises said second authentication number used to decrypt said first encrypted message;
- means for receiving, by said first computer, from said second computer a third encrypted message over said first communication channel, said third encrypted message comprising said second authentication number encrypted with said first authentication number; and
- means for determining, by said first computer, said second authentication number of said third encrypted message is the same as the second authentication number used to encrypt said first encrypted message.

Dependent claims 24 to 37 are not reproduced here.
Specification