Message authentication

US 7,949,875 B2
Filed: 03/08/2007
Issued: 05/24/2011
Est. Priority Date: 12/02/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method for the authentication of data communicated from an originator computer device to a destination computer device, comprising:

generating, at the originator computer device, a random bit array;

generating, at the originator computer device, a digest of data using a private key according to a keyed-hashing technique, said data including said random bit array and temporal validity information defined at the originator computer device and representing the temporal validity of the data;

transmitting the data together with the digest from the originator computer device to the destination computer device;

searching in a key table for a key that is identical to a current login key random bit array and terminating a connection between the originator computer device and the destination computer device in response to finding a key identical to the current login key random bit array in the key table;

storing the random bit array of the current login key in the key table until the current login key expires;

verifying, at the destination computer device, an authenticity of the data received at the destination computer device based on the digest received at the destination computer device and the private key at the destination computer device; and

verifying, at the destination computer device, a temporal validity of the data received at the destination computer device based on the temporal validity information included in the data received at the destination computer device,wherein the private key used for generating the digest of data at the originator computer device and for verifying the authenticity of the data received at the destination computer device is shared by the originator computer device and the destination computer device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

For the authentication of messages communicated in a distributed system from an originator to a destination a keyed-hashing technique is used according to which data to be authenticated is concatenated with a private (secret) key and then processed to the cryptographic hash function. The data are transmitted together with the digest of the hash function from the originator to the destination. The data comprises temporal validity information representing the temporal validity of the data. For example the setup key of a communication is therefore only valid within a given time interval that is dynamically defined by the communication originator. After the time interval is exceeded the setup key is invalid and cannot be reused again.

Citations

4 Claims

1. A method for the authentication of data communicated from an originator computer device to a destination computer device, comprising:
- generating, at the originator computer device, a random bit array;
  
  generating, at the originator computer device, a digest of data using a private key according to a keyed-hashing technique, said data including said random bit array and temporal validity information defined at the originator computer device and representing the temporal validity of the data;
  
  transmitting the data together with the digest from the originator computer device to the destination computer device;
  
  searching in a key table for a key that is identical to a current login key random bit array and terminating a connection between the originator computer device and the destination computer device in response to finding a key identical to the current login key random bit array in the key table;
  
  storing the random bit array of the current login key in the key table until the current login key expires;
  
  verifying, at the destination computer device, an authenticity of the data received at the destination computer device based on the digest received at the destination computer device and the private key at the destination computer device; and
  
  verifying, at the destination computer device, a temporal validity of the data received at the destination computer device based on the temporal validity information included in the data received at the destination computer device,wherein the private key used for generating the digest of data at the originator computer device and for verifying the authenticity of the data received at the destination computer device is shared by the originator computer device and the destination computer device.
- View Dependent Claims (2)
- - 2. The method according to claim 1, whereinthe data further comprises random data which are unique for a time span defined by the temporal validity information.

3. A distributed system comprising:
- an originator computer device; and
  
  a destination computer device, whereinthe originator computer device is configured togenerate a random bit array,generate a digest of data using a private key according to a keyed-hashing technique, said data including said random bit array and temporal validity information defined by the originator computer device and representing the temporal validity of the data, andtransmit the data together with the digest of the hash function from the originator computer device to the destination computer device, andthe destination computer device is configured tosearch in a key table for a key that is identical to a current login key random bit array and terminate a connection between the originator computer device and the destination computer device in response to finding a key identical to the current login key random bit array in the key table,store the random bit array of the current login key in the key table until the current login key expires,verify an authenticity of the data received at the destination computer device based on the digest received at the destination computer device and the private key at the destination computer device, andverify a temporal validity of the data received at the destination computer device based on the temporal validity information included in the data received at the destination computer device,wherein the private key used for generating the digest of data at the originator computer device and for verifying the authenticity of the data received at the destination computer device is shared by the originator computer device and the destination computer device.
- View Dependent Claims (4)
- - 4. The distributed system according to claim 3, whereinthe data further comprises random data which are unique for a time span defined by the temporal validity information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Deutschland GmbH (Sony Group Corp.)
Original Assignee
Sony Deutschland GmbH (Sony Group Corp.)
Inventors
Mache, Niels
Primary Examiner(s)
Abrishamkar; Kaveh

Application Number

US11/683,663
Publication Number

US 20070162757A1
Time in Patent Office

1,538 Days
Field of Search

None
US Class Current

713/170
CPC Class Codes

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/126   the source of the received ...

H04L 9/3242   involving keyed hash functi...

H04L 9/3297   involving time stamps, e.g....

Message authentication

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

4 Claims

Specification

Solutions

Use Cases

Quick Links

Message authentication

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

4 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links