Method for authenticating an entity by a verifier
First Claim
1. A method for authenticating an entity with a verifier, the entity possessing an identifier, the verifier possessing a private key/public key pair, the method comprising the steps:
- sending to the entity a first random number chosen by the verifier,
- encrypting a value (v) by the entity by means of the public key of the verifier, said value comprising the first random number and an authentication datum on which the identifier of the entity depends, in which the encryption complies with a public-key encryption scheme, called the modified El Gamal scheme, wherein;
- the step of encrypting the value (v) produces two elements $T'_1 = v \oplus H(y^w)$, and $T'_2 = g^w$, where;
- H is an identity function or a hash function, and $\oplus$ an exclusive or operation,
- g is a generator of a group used by said scheme,
- y is the public key with which the private key x of the verifier is associated, said keys being such that $y = g^x$,
- w is a second random number chosen by the entity,
- the step of decryption by the verifier of the two elements $T_1$ and $T_2$ computes $T'_1 \oplus H({T'_2}^{x})$ so as to provide said value (v), and
- sending in response, by the entity, of a message comprising said encrypted value, for authentication of said entity.
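The exchange recited in claim 1, as an added Python example that is not code from the patent. The group (p = 2^127 - 1, g = 3), SHA-256 as H, the 16-byte lengths, the layout v = r1 || datum and the enrolled-datum lookup are assumptions chosen for illustration, and the toy group is far too small for real use.

```python
import hashlib
import hmac
import secrets

# Constructed toy group Z_p^* with p = 2^127 - 1: far too small for real use.
P = 2**127 - 1
G = 3
N = 16  # assumed byte length of the challenge and of the authentication datum

def H(elem: int) -> bytes:
    """SHA-256 of a group element: 32 bytes, the length of v."""
    return hashlib.sha256(elem.to_bytes(16, "big")).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(i ^ j for i, j in zip(a, b))

def keygen():
    x = secrets.randbelow(P - 2) + 1        # verifier private key x
    return x, pow(G, x, P)                  # public key y = g^x

def entity_respond(y: int, r1: bytes, datum: bytes):
    """Entity side: encrypt v = r1 || datum under the verifier's public key."""
    w = secrets.randbelow(P - 2) + 1        # second random number, fresh per run
    t1 = xor(r1 + datum, H(pow(y, w, P)))   # T'1 = v XOR H(y^w)
    t2 = pow(G, w, P)                       # T'2 = g^w
    return t1, t2

def verifier_check(x: int, r1: bytes, t1: bytes, t2: int, enrolled: dict):
    """Verifier side: v = T'1 XOR H(T'2^x); return the identifier or None."""
    if len(t1) != 2 * N or not 0 < t2 < P:
        return None                         # malformed response
    v = xor(t1, H(pow(t2, x, P)))
    if not hmac.compare_digest(v[:N], r1):
        return None                         # not bound to this challenge
    for ident, datum in enrolled.items():
        if hmac.compare_digest(v[N:], datum):
            return ident
    return None

def demo():
    x, y = keygen()
    datum = secrets.token_bytes(N)
    enrolled = {"tag-0001": datum}          # constructed sample enrollment
    r1 = secrets.token_bytes(N)             # first random number (challenge)
    t1, t2 = entity_respond(y, r1, datum)
    fresh = verifier_check(x, r1, t1, t2, enrolled)
    replay = verifier_check(x, secrets.token_bytes(N), t1, t2, enrolled)
    return fresh, replay
```

`demo()` returns the identifier for the fresh response and `None` when the same ciphertext is presented against a new challenge, which is the freshness property the first random number provides.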
Abstract
A method for authenticating an entity by a verifier, the entity having an identifier, the verifier having a pair of private and public keys, comprising: sending to the entity a first random number selected by the verifier; a step wherein the entity encrypts a value by means of the public key of the verifier, said value including the first random number and an authentication datum on which the identifier of the entity depends; and a step wherein the entity sends, in reply, a message comprising said encrypted value to authenticate said entity. The invention can be applied to the field of low-cost cryptography, especially the field of radio-identification.
17 Citations
10 Claims
1. A method for authenticating an entity with a verifier, the entity possessing an identifier, the verifier possessing a private key/public key pair, the method comprising the steps:
- sending to the entity a first random number chosen by the verifier,
- encrypting a value (v) by the entity by means of the public key of the verifier, said value comprising the first random number and an authentication datum on which the identifier of the entity depends, in which the encryption complies with a public-key encryption scheme, called the modified El Gamal scheme, wherein;
- the step of encrypting the value (v) produces two elements $T'_1 = v \oplus H(y^w)$, and $T'_2 = g^w$, where;
- H is an identity function or a hash function, and $\oplus$ an exclusive or operation,
- g is a generator of a group used by said scheme,
- y is the public key with which the private key x of the verifier is associated, said keys being such that $y = g^x$,
- w is a second random number chosen by the entity,
- the step of decryption by the verifier of the two elements $T_1$ and $T_2$ computes $T'_1 \oplus H({T'_2}^{x})$ so as to provide said value (v), and
- sending in response, by the entity, of a message comprising said encrypted value, for authentication of said entity.

(Dependent claims: 2, 3, 4, 5, 6)

7. An entity adapted for being authenticated by a verifier, the entity possessing an identifier, the verifier possessing a private key/public key pair, and comprising:
- a receiver configured to receive from the verifier a first random number chosen by the verifier,
- an encryption element configured to encrypt a value (v) by means of the public key of the verifier, said value comprising the first random number and an authentication datum on which the identifier of the tag depends, in which the encryption complies with a public-key encryption scheme, called the modified El Gamal scheme, wherein;
. . .
- a sender configured to send said encrypted value (v) to the verifier.

(Dependent claims: 8)

9. A verifier adapted for authenticating at least one entity, the entity possessing an identifier, the verifier possessing a private key/public key pair, the verifier comprising:
- a sender configured to send a first random number to the entity,
- a receiver configured to receive from the entity a value (v) encrypted by means of the public key of the verifier, said value comprising the first random number and an authentication datum on which the identifier of the tag depends, in which the encryption complies with a public-key encryption scheme, called the modified El Gamal scheme, wherein;
. . .
- a decryption element configured to decrypt by means of the private key of the verifier the encrypted value received from the entity.

10. A non-transitory computer program product for installation in a memory of a verifier, comprising instructions which when executed by the verifier cause the verifier to perform the steps of:
- sending to the entity a first random number chosen by the verifier,
- encrypting a value (v) by the entity by means of the public key of the verifier, said value comprising the first random number and an authentication datum on which the identifier of the entity depends, in which the encryption complies with a public-key encryption scheme, called the modified El Gamal scheme, wherein;
- the step of encrypting the value (v) produces two elements $T'_1 = v \oplus H(y^w)$, and $T'_2 = g^w$, where;
- H is an identity function or a hash function, and $\oplus$ an exclusive or operation,
- g is a generator of a group used by said scheme,
- y is the public key with which the private key x of the verifier is associated, said keys being such that $y = g^x$,
- w is a second random number chosen by the entity,
- the step of decryption by the verifier of the two elements $T_1$ and $T_2$ computes $T'_1 \oplus H({T'_2}^{x})$ so as to provide said value (v), and
- sending in response, by the entity, of a message comprising said encrypted value, for authentication of said entity.

Specification