×

Challenge-response authentication of a cryptographic device

  • US 9,154,480 B1
  • Filed: 12/12/2012
  • Issued: 10/06/2015
  • Est. Priority Date: 12/12/2012
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method performed by a first cryptographic device, comprising:

  • in a registration mode of operation;

    generating a set of challenges, wherein the set of challenges comprises n randomly selected multi-bit values, wherein a given one of the n randomly selected multi-bit values comprises a k-bit randomly selected value, and wherein n and k are security parameters denoting the number of challenges generated by the first cryptographic device and the length of the given challenge generated by the first cryptographic device, respectively;

    sending the challenges to a second cryptographic device, the second cryptographic device comprising a key-based cryptographic module that utilizes one or more secret keys;

    receiving from the second cryptographic device a set of first responses, each first response corresponding to a respective one of the challenges; and

    storing information characterizing the first responses; and

    in an authentication mode of operation;

    sending a selected one of the challenges to the second cryptographic device;

    receiving from the second cryptographic device a second response to the selected challenge; and

    authenticating the second cryptographic device utilizing the second response and the stored information;

    wherein the first cryptographic device generates the challenges in the registration mode of operation without having knowledge of values of said one or more secret keys of the key-based cryptographic module of the second cryptographic device;

    wherein the first responses received from the second cryptographic device are based at least in part on at least one of said one or more secret keys of the key-based cryptographic module of the second cryptographic device; and

    wherein the first cryptographic device is configured to authenticate the second cryptographic device in the authentication mode of operation using the second response without having knowledge of the values of said one or more secret keys of the key-based cryptographic module of the second cryptographic device.

View all claims
  • 18 Assignments
Timeline View
Assignment View
    ×
    ×