Method for zero-knowledge authentication of a prover by a verifier providing a user-selectable confidence level and associated application devices
First Claim
1. An authentication method having a selectable confidence level, comprising the steps of:
(a) iteratively interacting between a prover and a verifier, wherein the prover and verifier are electronic devices that perform calculations and pass values between themselves that result from the calculations;
(b) determining from at least one of the values whether each iteration yields one of a pass and fail result, wherein each iteration that yields a pass result establishes an authentication confidence level that is greater than an authentication level from a previous iteration, and wherein a fail result stops the iterations;
(c) continuing to perform iterations, so long as each iteration achieves a pass result, until a count of iterations reaches a number sufficient to achieve a first authentication confidence level desired by the verifier;
(d) allowing performance of a first task by the verifier in reliance on the first authentication confidence level;
(e) continuing to perform iterations, so long as each iteration achieves a pass result, until a count of iterations reaches a number sufficient to achieve a second authentication confidence level desired by the verifier;
(f) allowing performance of a second task by the verifier in reliance on the second authentication confidence level desired by the verifier; and
(g) disallowing performance of the at least one task by the verifier when an iteration achieves a fail result before the second authentication confidence level is met.
Abstract
Authentication is performed to a confidence level (CL) desired by a verifier (220). A prover (210) picks and sends certain same-size square matrices to the verifier (220). A random request bit is sent (234) from the verifier (220) to the prover (210) after the receipt of a certain square matrix. Depending on the request bit, calculations are made (244, 264) by the verifier (220) to determine if the matrices sent from the prover are verifiable. The prover (210) is iteratively authenticated by the verifier (220). Iterations are continued until (320) a count of the iterations (IL) reaches a number sufficient to achieve the desired confidence level (CL). After a delay, more iterations can achieve a higher confidence level by building on the previous authentication result without having to begin at zero. During this delay, the verifier (220) can perform tasks in reliance on the result of authentication. Digital logic can perform the authentication.
28 Claims
10. A method in a prover of authenticating a prover using same-size square matrices, wherein the prover has a private key matrix K and a base matrix N, wherein the private key matrix K is a square matrix of a predetermined size, and wherein the base matrix N is of the same size as the private key matrix K, and wherein the prover has a masked matrix M, wherein the masked matrix M is of the same size as the base matrix N, the method comprising the steps of:
(a) picking a square matrix S of the same size as the private key matrix K;
(b) calculating a same-size, commitment matrix C based on the square matrix S and the masked matrix M and sending the commitment matrix C to at least one verifier;
(c) receiving a request from the verifier, wherein the request comprises at least first and second request states;
(d) on a first request state of the request, sending the square matrix S to the verifier; and
(e) on a second request state of the request, calculating a same-size, masked key matrix V from the square matrix S and the private key matrix K and sending the masked key matrix V to the verifier, wherein the prover and verifier are electronic devices.
19. A method in a verifier of deciding whether or not to authenticate a prover using same-size matrices, wherein the prover provides a base matrix N and a masked matrix M, wherein both the base matrix N and the masked matrix M are square matrices of a predetermined size, the method comprising the steps of:
(a) receiving a same-size, commitment matrix C from the prover;
(b) choosing one of at least first and second request states and sending the chosen request state to the prover;
(c) on a first request state of the request, receiving from the prover a same-size, square matrix S and using the square matrix S and the masked matrix M to verify the commitment matrix C;
(d) on a second request state of the request, receiving a same-size, masked key matrix V from the prover and using the received masked key matrix V and the base matrix N to verify the commitment matrix C; and
(e) if the commitment matrix C is unverifiable, then authentication fails, wherein the prover and verifier are electronic devices.
27. A method of deciding whether or not to authenticate a prover using same-size square matrices, the method comprising the steps of:
(a) establishing a private key matrix K, wherein the private key matrix K is a square matrix of a predetermined size;
(b) choosing a base matrix N of the same size as the private key matrix K;
(c) calculating a same-size, masked matrix M;
(d) picking by the prover a same-size, square matrix S for this iteration;
(e) calculating by the prover a same-size, commitment matrix C after the picking of the square matrix S in said step (d) and sending the commitment matrix C from the prover to the verifier;
(f) sending a request from the verifier to the prover after the receipt of the commitment matrix C in said step (e), wherein the request comprises at least first and second request states;
(g) on a first request state of the request,
(g)(1) sending the square matrix S from the prover to the verifier, and
(g)(2) the verifier using received matrix S and the masked matrix M to verify the commitment matrix C, if not verifiable, then authentication fails, otherwise go to step (i);
(h) on a second request state of the request,
(h)(1) the prover calculating a same-size, masked key matrix V from the square matrix S and the private key matrix K and sending the masked key matrix V to the verifier, and
(h)(2) the verifier using received masked key matrix V and the base matrix N to verify the commitment matrix C, if not verifiable, then authentication fails, otherwise go to step (i); and
(i) determining whether to make another iteration to improve confidence and, if so, returning to step (d) to make an additional authentication iteration, otherwise issuing a pass decision, wherein the prover and verifier are electronic devices.
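An added example, not taken from the patent: a toy Python run of the commit / request / response loop of claims 10, 19 and 27, combined with the staged confidence levels of claim 1. The formulas M = K·N·K⁻¹, C = S·M·S⁻¹ and V = S·K, the 2×2 matrices modulo a prime, and the rule confidence = 1 − 2^−rounds are all assumptions chosen to fit the claimed data flow; the page does not give the patent's own formulas, and this conjugation toy only illustrates the message flow, it is not a secure instantiation.

```python
import secrets

P = 2**31 - 1   # prime modulus (assumption: the claims fix no arithmetic)

def mul(a, b):
    return [[sum(x * y for x, y in zip(r, c)) % P for c in zip(*b)] for r in a]

def inv(a):
    """Inverse of a 2x2 matrix mod P; None if singular."""
    (p, q), (r, s) = a
    det = (p * s - q * r) % P
    if det == 0:
        return None
    d = pow(det, -1, P)
    return [[s * d % P, -q * d % P], [-r * d % P, p * d % P]]

def rand_invertible():
    while True:
        a = [[secrets.randbelow(P) for _ in range(2)] for _ in range(2)]
        if inv(a) is not None:
            return a

def conj(x, y):                       # x * y * x^-1 (hypothetical masking rule)
    return mul(mul(x, y), inv(x))

class Prover:
    def __init__(self, K, N):
        self.K, self.M = K, conj(K, N)    # masked matrix M = K N K^-1
    def commit(self):
        self.S = rand_invertible()        # fresh S each iteration
        return conj(self.S, self.M)       # commitment C = S M S^-1
    def respond(self, bit):               # state 0 -> S, state 1 -> V = S K
        return self.S if bit == 0 else mul(self.S, self.K)

def verify_round(prover, N, M):
    C, bit = prover.commit(), secrets.randbelow(2)   # request bit after C
    R = prover.respond(bit)
    return inv(R) is not None and C == conj(R, M if bit == 0 else N)

def authenticate(prover, N, M, levels):
    """Run rounds until each ascending target in levels is met; stop on fail."""
    reached, rounds = [], 0
    for cl in levels:
        while 1 - 2.0 ** -rounds < cl:    # assumed: confidence = 1 - 2^-rounds
            if not verify_round(prover, N, M):
                return reached, rounds
            rounds += 1
        reached.append(cl)                # task tied to this level may proceed
    return reached, rounds
```

Reaching the second level reuses the rounds already counted for the first, so `authenticate(prover, N, M, [0.99, 0.999])` needs 7 rounds for the first task and only 3 more for the second.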
Specification