Method and system for authenticating messages exchanged in a communications system
First Claim
1. In a communications system supporting the exchange of messages, a method for authenticating messages, comprising the step of:
- receiving a first message to be authenticated from a message sender to a signature generator entity in the communication system, wherein the signature generator entity is a computer program executed by a processor of a computer system coupled to the communication system;
the processor that executes the signature generator entity generating a signature with respect to the received first message, the signature being dependent on the message sender, wherein said signature comprises a first-level key and a second-level key, wherein the first-level key is determined by information regarding the message sender, and wherein the second-level key is determined by information regarding the signature generator entity;
sending back to the message sender an authenticated first message, the authenticated first message including the generated signature;
forwarding the authenticated first message from the message sender to a message recipient;
receiving, from the message recipient, a second message that requests verifying the forwarded first message;
sending the received second message to a signature verifier entity for a verification outcome of the first message;
receiving the verification outcome from the signature verifier entity that had verified the validity of the signature in the authenticated first message; and
notifying the message recipient of the verification outcome.
3 Assignments
0 Petitions
Accused Products
Abstract
In a communications system supporting the exchange of messages, a method for authenticating messages, comprising: having a message sender send a message to be authenticated to a signature generator entity in the communications system; having the signature generator entity generate a signature with respect to the received message, the signature being dependent on the message sender; having the signature generator entity send back to the message sender an authenticated message, the authenticated message including the generated signature; having the message sender forward the authenticated message to a message recipient; having the message recipient send the received message to a signature verifier entity in the communications system; having the signature verifier entity verify the validity of the signature, and notifying the message recipient of an outcome of the validity verification.
-
Citations
19 Claims
-
1. In a communications system supporting the exchange of messages, a method for authenticating messages, comprising the step of:
-
receiving a first message to be authenticated from a message sender to a signature generator entity in the communication system, wherein the signature generator entity is a computer program executed by a processor of a computer system coupled to the communication system; the processor that executes the signature generator entity generating a signature with respect to the received first message, the signature being dependent on the message sender, wherein said signature comprises a first-level key and a second-level key, wherein the first-level key is determined by information regarding the message sender, and wherein the second-level key is determined by information regarding the signature generator entity; sending back to the message sender an authenticated first message, the authenticated first message including the generated signature; forwarding the authenticated first message from the message sender to a message recipient; receiving, from the message recipient, a second message that requests verifying the forwarded first message; sending the received second message to a signature verifier entity for a verification outcome of the first message; receiving the verification outcome from the signature verifier entity that had verified the validity of the signature in the authenticated first message; and notifying the message recipient of the verification outcome. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system for authenticating messages, comprising:
-
a processor and a computer readable storage medium coupled to the processor, said computer readable storage medium containing instructions that when executed by the processor implement authenticating messages in the communication system, said authenticating comprising; receiving a first message to be authenticated from a message sender to a signature generator entity in the communication system, wherein the signature generator entity is a computer program executed by a processor of a computer system coupled to the communication system; the signature generator entity generating a signature with respect to the received first message, the signature being dependent on the message sender, wherein said signature comprising a first-level key and a second-level key, wherein the first-level key is determined by information regarding the message sender, and wherein the second-level key is determined by information regarding the signature generator entity; sending back to the message sender an authenticated first message, the authenticated first message including the generated signature; forwarding the authenticated first message from the message sender to a message recipient; receiving, from the message recipient, a second message that requests verifying the forwarded first message; sending the received second message to a signature verifier entity for a verification outcome of the first message; receiving the verification outcome from the signature verifier entity that had verified the validity of the signature in the authenticated first message; and notifying the message recipient of the verification outcome.
-
-
15. In a communications system supporting the exchange of messages, a method for authenticating messages, comprising the steps of:
-
sending a message to be authenticated from a message sender to a signature generator entity in the communication system, the signature generator entity generating a signature with respect to the received message, the signature being dependent on the message sender, and sending back to the message sender an authenticated message, the authenticated message including the generated signature; forwarding the authenticated message from the message sender to a message recipient; sending the received message from the message recipient to a signature verifier entity; and the signature verifier entity verifying the validity of the signature, and notifying the message recipient of an outcome of the validity verification, wherein the communications system includes a wireless communications network, wherein the communications system supports a messaging service, particularly a Short Messaging Service (SMS), and the message to be authenticated includes an SMS message, wherein said generating further comprising generating the signature based on a user-related key (Uka), wherein said method further comprises having a sender user providing to the signature generator entity a personal identification code (PINa), and having the signature generator entity authenticate the sender user based on the provided personal identification code, wherein said method further comprises the sender user placing the personal identification code in the SMS message to be authenticated, wherein said method further comprises the signature generator entity utilizing the personal identification code to obtain the user-related key, wherein said method further comprises having the signature generator entity generating said signature by applying a cryptographic hash function to the message to be authenticated, using the user-related key, and wherein said method further comprises utilizing a signature generator entity-related key in addition to the user-related key for generating the signature, by applying a cryptographic hash function or a digesting function. - View Dependent Claims (16, 17, 18, 19)
-
Specification