Cryptographic authentication process

US 7,451,314 B2
Filed: 06/24/2002
Issued: 11/11/2008
Est. Priority Date: 06/27/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A cryptographic authentication method, comprising:

sending from a first entity to be authenticated to an authenticator second entity a message protected by a cryptographic algorithm and a secret, said authenticator second entity being in communication with a database containing at least one parameter having an assigned risk value and switching means for switching received protected messages to one of a first verification means and a second verification means based on a comparison of content of the received protected messages to the at least one parameter from the database;

performing an operation by said authenticator second entity, after receiving said message, said operation being selected from the group comprising;

completely verifying the authentication of the received protected message via the first verification means which includes said cryptographic algorithm and a verification key;

delaying complete verification of the authentication of said protected message;

partially verifying the authentication of the received protected message via said cryptographic algorithm and said verification key;

partially verifying the authentication of the received protected message via the second verification means which includes said cryptographic algorithm and said verification key and subsequently completing the verification; and

omitting verification of the authentication of said protected message;

wherein the operation performed by said authenticator second entity from said group of operations is selected as a function of a degree of certainty that the second entity wishes to obtain as to the authentication of the first entity based on the received messages of said switching means which is configured to switch the received protected messages to one of the first verification means and the second verification means based on the comparison of the content of the received protected messages to the at least one parameter from the database, and wherein the operation is concealed from the first entity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic authentication method including a first step during which a first entity (A) to be authenticated sends an authenticator second entity (B) a message protected by a cryptographic algorithm and a secret key (K_s). During a second step, the second entity (B), after receiving said message, carries out operations selected from the group comprising completely verifying the authentication of the received protected message by means of said cryptographic algorithm and a verification key (K_v), delaying said complete verification, partly verifying said authentication, partly verifying said authentication and completing the verification subsequently, and omitting to verify said authentication. One of these operations is chosen as a function of the degree of certainty that the second entity (B) wishes to obtain as to the authentication of the first entity (A) and being concealed from the first entity (A).

51 Citations

View as Search Results

9 Claims

1. A cryptographic authentication method, comprising:
- sending from a first entity to be authenticated to an authenticator second entity a message protected by a cryptographic algorithm and a secret, said authenticator second entity being in communication with a database containing at least one parameter having an assigned risk value and switching means for switching received protected messages to one of a first verification means and a second verification means based on a comparison of content of the received protected messages to the at least one parameter from the database;
  
  performing an operation by said authenticator second entity, after receiving said message, said operation being selected from the group comprising;
  
  completely verifying the authentication of the received protected message via the first verification means which includes said cryptographic algorithm and a verification key;
  
  delaying complete verification of the authentication of said protected message;
  
  partially verifying the authentication of the received protected message via said cryptographic algorithm and said verification key;
  
  partially verifying the authentication of the received protected message via the second verification means which includes said cryptographic algorithm and said verification key and subsequently completing the verification; and
  
  omitting verification of the authentication of said protected message;
  
  wherein the operation performed by said authenticator second entity from said group of operations is selected as a function of a degree of certainty that the second entity wishes to obtain as to the authentication of the first entity based on the received messages of said switching means which is configured to switch the received protected messages to one of the first verification means and the second verification means based on the comparison of the content of the received protected messages to the at least one parameter from the database, and wherein the operation is concealed from the first entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, wherein the cryptographic algorithm is a public key algorithm.
  - 3. The method according to claim 2, wherein the cryptographic algorithm is an RSA (Rivest, Shamir, Adelman) algorithm in which the public key is a function of a modulus.
  - 4. The method according to claim 3, wherein the protected message has a length that is at most equal to half the modulus of said public key.
  - 5. The method according to claim 2, wherein the cryptographic algorithm is a DSA (Digital Signature Algorithm) algorithm.
  - 6. The method according to claim 2, wherein the cryptographic algorithm is a zero knowledge algorithm.
  - 7. The method according to claim 1, wherein the cryptographic algorithm is a secret key algorithm.
  - 8. The method according to claim 1, wherein the first entity is a client and the second entity is a server.

9. A server, comprising:
- first verification means configured to completely verify authentication of a received protected message based on a cryptographic algorithm and a verification key;
  
  second verification means configured to partially verify the authentication of the received protected message based on said cryptographic algorithm and said verification key;
  
  a database containing one or more parameters assigned a risk value; and
  
  switching means for switching received protected messages to one of the first verification means and the second verification means based on a comparison of content of the received protected messages to at least one parameter from the database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Orange S.A.
Original Assignee
Orange S.A.
Inventors
Petit, Stéphane, Vallee, Luc
Primary Examiner(s)
Moazzami; Nasser G
Assistant Examiner(s)
Cervetti; David Garcia

Application Number

US10/481,914
Publication Number

US 20040177252A1
Time in Patent Office

2,332 Days
Field of Search

713/170, 713/169
US Class Current

713/170
CPC Class Codes

H04L 2209/56 Financial cryptography, e.g...

H04L 9/3247 involving digital signatures

Cryptographic authentication process

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

51 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Cryptographic authentication process

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

51 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links