Efficient methods for protecting identity in authenticated transmissions
First Claim
Patent Images
1. An access device comprising:
- a processor; and
a non-transitory computer-readable storage medium comprising code executable by the processor for implementing a method comprising;
sending a request message including an access device public key to a user device, wherein the sending of the request message occurs before sending any other message requiring the user device to perform a cryptographic operation during a communication session, wherein the access device public key is associated with an access device private key, wherein the access device public key and the access device private key form an ephemeral key pair;
receiving a response message including a blinded user device public key and encrypted user device data from the user device, wherein the receiving of the response message occurs before receiving any other message from the user device during the communication session, the response message being received in response to the sending of the request message, wherein the blinded user device public key is generated by the user device using a user device public key and a cryptographic nonce, and wherein the encrypted user device data is encrypted by the user device using a shared secret, the shared secret being different from the cryptographic nonce;
generating the shared secret using the access device private key and the blinded user device public key, wherein the ephemeral key pair is deleted after the shared secret is generated;
decrypting the encrypted user device data using the shared secret; and
associating the shared secret with the user device, wherein the shared secret is used to derive encryption keys for decrypting subsequent user device data received from the user device.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods are provided for protecting identity in an authenticated data transmission. For example, a contactless transaction between a portable user device and an access device may be conducted without exposing the portable user device'"'"'s public key in cleartext. In one embodiment, an access device may send an access device public key to a portable user device. The user device may return a blinded user device public key and encrypted user device data. The access device may determine a shared secret using the blinded user device public key and an access device private key. The access device may then decrypt the encrypted user device data using the shared secret.
-
Citations
17 Claims
-
1. An access device comprising:
-
a processor; and a non-transitory computer-readable storage medium comprising code executable by the processor for implementing a method comprising; sending a request message including an access device public key to a user device, wherein the sending of the request message occurs before sending any other message requiring the user device to perform a cryptographic operation during a communication session, wherein the access device public key is associated with an access device private key, wherein the access device public key and the access device private key form an ephemeral key pair; receiving a response message including a blinded user device public key and encrypted user device data from the user device, wherein the receiving of the response message occurs before receiving any other message from the user device during the communication session, the response message being received in response to the sending of the request message, wherein the blinded user device public key is generated by the user device using a user device public key and a cryptographic nonce, and wherein the encrypted user device data is encrypted by the user device using a shared secret, the shared secret being different from the cryptographic nonce; generating the shared secret using the access device private key and the blinded user device public key, wherein the ephemeral key pair is deleted after the shared secret is generated; decrypting the encrypted user device data using the shared secret; and associating the shared secret with the user device, wherein the shared secret is used to derive encryption keys for decrypting subsequent user device data received from the user device. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer-implemented method comprising:
-
sending, by an access device having one or more processors, a request message including an access device public key to a user device, wherein the sending of the request message occurs before sending any other message requiring the user device to perform a cryptographic operation during a communication session, wherein the access device public key is associated with an access device private key, wherein the access device public key and the access device private key form an ephemeral key pair; receiving, by the access device, a response message including a blinded user device public key and encrypted user device data from the user device, wherein the receiving of the response message occurs before receiving any other message from the user device during the communication session, the response message being received in response to the sending of the request message, wherein the blinded user device public key is generated by the user device using a user device public key and a cryptographic nonce, and wherein the encrypted user device data is encrypted by the user device using a shared secret, the shared secret being different from the cryptographic nonce; generating, by the access device, the shared secret using the access device private key and the blinded user device public key, wherein the shared secret is known to the user device, wherein the ephemeral key pair is deleted after the shared secret is generated; and associating the shared secret with the user device, wherein the shared secret is used to derive encryption keys for decrypting subsequent user device data received from the user device. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A computer-implemented method comprising:
-
receiving, by a user device, a request message including an access device public key from an access device, wherein the access device public key is an ephemeral public key, wherein the receiving of the request message occurs before receiving any other message requiring the user device to perform a cryptographic operation during a communication session; generating, by the user device, a shared secret using the access device public key, a user device private key, and a cryptographic nonce, the shared secret being different from the cryptographic nonce; deleting, by the user device, the access device public key after the shared secret is generated; generating, by the user device, a blinded user device public key using a user device public key and the cryptographic nonce; encrypting, by the user device, user device data using the shared secret; sending, by the user device, a response message including the blinded user device public key and the encrypted user device data to the access device in response to the receiving of the request message, thereby allowing the access device to generate the shared secret using the blinded user device public key and an access device private key corresponding to the access device public key and to decrypt the encrypted user device data using the shared secret, wherein the sending of the response message occurs before sending any other message to the access device during the communication session; and associating the shared secret with the access device, wherein the shared secret is used to derive encryption keys for decrypting subsequent access device data received from the access device. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification