Method for securing communications between a terminal and an additional user equipment
First Claim
1. A method for securing a session over a short distance wireless link between a terminal and a user device, said terminal and said user device both comprising cryptographic computing means, said terminal and said user device further both comprising a display and input means, wherein said terminal and said user device can be connected through said short distance wireless link, said method comprising the steps of:
- generating a secret in said terminal or said user device,
- displaying said secret or the hash value of said secret on the display of said terminal or said user device,
- while said user device and said terminal are kept separate from each other, manually entering said secret or the hash value of said secret on the input means of the other one of said terminal or user device, and
- using said shared secret to guarantee the authenticity of at least a part of said session between said user device and said terminal over said short distance wireless link.
Abstract
Method for securing a session over a radio or infrared wireless link (101) between a terminal (11) and a mobile equipment (10), said session being secured with a SIM card (100) in said mobile equipment (10). The terminal (11) and the mobile equipment (10) both comprise a display and a keyboard or keypad and can be mutually connected through said short distance wireless link (101). The method comprises the following steps:
- generating a secret in one of said terminals or said smart cards,
- displaying this secret on the display of said terminal (11) or said user equipment (10),
- entering said secret or the hash value of said secret on the input means of the other one of said terminals (11) or user equipments (10),
- using said shared secret for securing at least a part of said session over said short distance wireless link (101).
34 Claims
1. A method for securing a session over a short distance wireless link between a terminal and a user device, said terminal and said user device both comprising cryptographic computing means, said terminal and said user device further both comprising a display and input means, wherein said terminal and said user device can be connected through said short distance wireless link, said method comprising the steps of:
- generating a secret in said terminal or said user device,
- displaying said secret or the hash value of said secret on the display of said terminal or said user device,
- while said user device and said terminal are kept separate from each other, manually entering said secret or the hash value of said secret on the input means of the other one of said terminal or user device, and
- using said shared secret to guarantee the authenticity of at least a part of said session between said user device and said terminal over said short distance wireless link.
Dependent claims: 2 to 19.
20. A smart card having thereon a computer program comprising instructions to be executed by processing means included in said smart card for causing the smart card to perform a process comprising the steps of:
- generating a secret,
- preparing an instruction for displaying said secret on the display of a device in which said smart card is adapted to be used, so that said displayed secret can be manually entered into a separate device for use in computing a broadcast message,
- waiting until the broadcast message arrives, and
- checking if said secret has been used for computing said broadcast message so that a secured communication session can be established between said device and said separate device.
Dependent claims: 21 to 25.
26. A computer readable recording medium storing a computer program comprising computer executable instructions for causing a computer including a short distance wireless interface to execute a process comprising the steps of:
- getting a message to be sent over said wireless interface,
- getting a secret manually entered by a user on the input means of said computer,
- computing a message authentication code from said message using said secret,
- broadcasting said message authentication code,
- listening on said wireless interface until a message arrives, and
- verifying if the message has been computed with said secret.
27. A computer readable recording medium storing a computer program comprising computer executable instructions for causing a computer including a short distance wireless interface to execute a process comprising the following steps:
- generating a first secret,
- displaying said secret, or the hash value of said secret, on the display of said computer,
- listening on said wireless interface until a broadcast message arrives,
- extracting a public key from said broadcast message,
- generating a second secret,
- encrypting said first and said second secret with said public key,
- sending said encrypted first and second secret to the sender of said broadcast message,
- listening on said wireless interface until a second message arrives, and
- checking if said second secret has been used for computing said second message.
28. A smart card having thereon a computer program comprising instructions to be executed by processing means in said smart card for causing the smart card to perform a process comprising at least the following steps:
- getting a first secret entered in said smart card via the keypad of a user equipment,
- broadcasting a user certificate stored in said smart card,
- waiting for a message,
- decrypting said message with the private key of the user,
- extracting a second secret from said message,
- verifying if the sender of said message knows said first secret, and
- computing a response with said second secret.
Dependent claims: 29 to 31.
32. A method for securing a session over a wireless link between a terminal and a portable device used by a user, said terminal and said portable device both comprising cryptographic computing means, said portable device further comprising a display and said terminal further comprising an input means, wherein said terminal and said portable device can be connected together through said wireless link, said method comprising the steps of:
- generating a secret in said portable device,
- displaying said secret or the hash value of said secret on the display of said portable device,
- the user manually entering said secret or the hash value of said secret on the input means of the terminal, and
- using said entered secret to guarantee the authenticity of at least a part of said session between said terminal and said portable device over said wireless link.
Dependent claims: 33 and 34.
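The manual-entry authentication of claims 20 and 26, with both sides of the exchange, as an added example that is not part of the patent text. HMAC-SHA-256, the 8-digit secret, the role labels bound into the MAC and all function names are assumptions of this example; the inputs are constructed.

```python
import hashlib
import hmac
import secrets

def generate_secret(digits=8):
    """Secret short enough to read from one display and key into the other device."""
    return "".join(secrets.choice("0123456789") for _ in range(digits))

def make_frame(secret, sender_role, payload):
    """Broadcast frame: payload plus a MAC keyed with the manually shared secret."""
    # Assumption: the sender's role is bound into the MAC so that a frame
    # cannot be reflected back to the device that produced it.
    mac = hmac.new(secret.encode(), sender_role + b"|" + payload, hashlib.sha256).digest()
    return payload, mac

def check_frame(secret, expected_role, frame):
    """True only if the frame was computed with the secret by the expected role."""
    payload, mac = frame
    want = hmac.new(secret.encode(), expected_role + b"|" + payload, hashlib.sha256).digest()
    return hmac.compare_digest(want, mac)  # constant-time comparison

def first_authentic(secret, expected_role, received):
    """Wait-for-broadcast step: ignore every frame not computed with the secret."""
    for frame in received:
        if check_frame(secret, expected_role, frame):
            return frame
    return None

def run_pairing():
    shown = generate_secret()  # generated and displayed on the user device
    typed = shown              # keyed in by the user on the terminal
    offer = make_frame(typed, b"terminal", b"session-offer")    # terminal broadcasts
    forged = make_frame("attacker-guess", b"terminal", b"session-offer")  # constructed impostor frame
    accepted = first_authentic(shown, b"terminal", [forged, offer])  # user device listens
    reply = make_frame(shown, b"device", b"session-accept")     # user device answers
    return {
        "device_accepts_offer": accepted == offer,
        "terminal_accepts_reply": check_frame(typed, b"device", reply),
        # The terminal's own offer, replayed to it as if it were the reply, must fail.
        "terminal_accepts_reflection": check_frame(typed, b"device", offer),
    }

if __name__ == "__main__":
    print(run_pairing())
```

A secret of 8 decimal digits carries under 27 bits, so anyone who records a single frame can test guesses offline; the secret should be used for one session only and be as long as manual entry allows.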
Specification