Method for authenticating a portable data carrier
First Claim
1. A method for authenticating a portable data carrier to a terminal device, the method comprising:
- deriving a public session key (PKSession) and a secret session key (SKSession) in the data carrier, the public session key (PKSession) being derived from a public key (PKi) individual to the data carrier, the public key (PKi) being derived from a public group key (PK), and the secret session key (SKSession) being derived from a secret key (SKi) individual to the data carrier, the secret key (SKi) being derived from a secret group key (SK); and
anonymously authenticating the data carrier to the terminal device using the secret session key (SKSession) in the data carrier and the public session key (PKSession) in the terminal device,wherein the terminal device verifies the public session key (PKSession) by a certificate (CPK) of the public group key (PK), which certificate is stored in the data carrier, by the terminal device checking the certificate (CpK) and reconstructing the derivation of the public session key (PKSession) from the public group key (PK) via the public key (PKi) individual to the data carrier.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for authenticating a portable data carrier (10) to a terminal device by the following steps: In the data carrier (10) a public session key (PKSession) is derived (S5) from a public key individual to the data carrier (PKi) which has in its turn been derived (TS32; S1) from a public group key (PK). Further, a secret session key (SKSession) is derived (S4) from a secret key individual to the data carrier (SKi) which has in turn been derived (TS31) from a secret group key (SK). Subsequently, a secret communication key (KK) is agreed on (S7) between the data carrier (10) and the terminal device. Finally, the terminal verifies (S8) the public session key (PKSession) of the data carrier (10).
-
Citations
16 Claims
-
1. A method for authenticating a portable data carrier to a terminal device, the method comprising:
-
deriving a public session key (PKSession) and a secret session key (SKSession) in the data carrier, the public session key (PKSession) being derived from a public key (PKi) individual to the data carrier, the public key (PKi) being derived from a public group key (PK), and the secret session key (SKSession) being derived from a secret key (SKi) individual to the data carrier, the secret key (SKi) being derived from a secret group key (SK); and anonymously authenticating the data carrier to the terminal device using the secret session key (SKSession) in the data carrier and the public session key (PKSession) in the terminal device, wherein the terminal device verifies the public session key (PKSession) by a certificate (CPK) of the public group key (PK), which certificate is stored in the data carrier, by the terminal device checking the certificate (CpK) and reconstructing the derivation of the public session key (PKSession) from the public group key (PK) via the public key (PKi) individual to the data carrier. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 16)
-
-
11. A portable data carrier, comprising:
- a processor, a memory, a data communication interface, and an authentication device,
wherein the data communication interface is configured to provide data communication with a terminal device, and wherein the authentication device is configured to derive a public session key (PKSession) from a public key (PKi) individual to the data carrier that is stored in the memory, the public key (PKi) being derived from a public group key (PK), derive a secret session key (PKSession) from a secret key (SKi) individual to the data carrier that is stored in the memory, the secret key (SKi) being derived from a secret group key (SK), and anonymously authenticate the data carrier to the terminal device using the secret session key (SKSession) within the framework of an authentication to the terminal device, and wherein the data carrier stores a certificate (CPK) of the public group key (PK), the certificate (CPK) of the public group key (PK) being configured to be used by the terminal device in the authentication of the portable data carrier for verifying the public session key (PKSession), by checking the certificate (CPK) and reconstructing the derivation of the public session key (PKSession) from the public group key (PK) via the public key (PKi) individual to the data carrier. - View Dependent Claims (12, 13, 14, 15)
- a processor, a memory, a data communication interface, and an authentication device,
Specification