Device authentication
First Claim
1. A method for the authentication of a first and a second device by a third device, the first and the second devices each possessing a shared secret key value h, each of the devices having available to it a public key P, selected such that the operation of deriving the secret key value h from the product hP is a computationally difficult operation, the method comprising the steps of the first and the second device communicating a set of values to each other using the third device, such that the first device is able to calculate a first expression with a value equivalent to the product hP and the second device is able to calculate a second expression with a value equal to the product hP, the third device retaining copies of the values being communicated between the first and the second device, the method further comprising the step of the third device calculating and comparing the values of the first expression and of the second expression to authenticate the first and the second devices.
4 Assignments
0 Petitions
Accused Products
Abstract
Authentication of two devices in communication with a third device is achieved where the first and second devices each possess a shared secret value. The authentication includes communication of authentication values from the first device to the second device using the third device. Similarly, there is communication of values from the second device to the first device using the third device. The third device retains the communicated values. The values are calculated to permit the third device to authenticate the first and second devices without the third device receiving the shared secret value. The authentication may be used to establish a communications channel between the first and the second devices.
13 Citations
26 Claims
- 1. A method for the authentication of a first and a second device by a third device, the first and the second devices each possessing a shared secret key value h, each of the devices having available to it a public key P, selected such that the operation of deriving the secret key value h from the product hP is a computationally difficult operation, the method comprising the steps of the first and the second device communicating a set of values to each other using the third device, such that the first device is able to calculate a first expression with a value equivalent to the product hP and the second device is able to calculate a second expression with a value equal to the product hP, the third device retaining copies of the values being communicated between the first and the second device, the method further comprising the step of the third device calculating and comparing the values of the first expression and of the second expression to authenticate the first and the second devices.
-
4. A method for the authentication of a first and a second device by a third device, the first and second devices each possessing a shared secret key value h, each of the devices is operative to carry out mathematical operations on defined groups E(Fq) and Zp, where Fq is a finite field of prime order q, including scalar multiplication defined with reference to the group, the method comprising the steps of:
-
a) obtaining a public key P, such that P generates a prime subgroup of the group E(Fq) of order p, and making available to each of the devices the public key P, b) the first device obtaining a random value rD such that 1<
rD<
p−
1, and calculating a value RD=rDP,c) the first device communicating the value RD to the third device, d) the third device retaining a copy of the value RD and forwarding the value RD to the second device, e) the second device obtaining a random value rB such that 1<
rB<
p−
1, and calculating a value RB=rBP, where RB is determined such that it is not equal to RD, the second device obtaining a random value eD such that 1<
eD<
p−
1, the second device communicating the values rD and RB to the third device,f) the third device retaining copies of the values RB and rD forwarding the said values to the first device, g) the first device calculating a value yD=h−
eDrD mod p, the first device obtaining a random value eB such that 1<
eB<
p−
1, the first device communicating values yD and eB to the third device,h) the third device retaining copies of the values yD and eB forwarding the said values to the second device, i) the second device calculating a value yB=h−
eBrB mod p, the second device communicating the value yB to the third device, andj) the third device authenticating the first and second devices when the condition yBP+eBRB=yDP+eDRD is satisfied. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 21)
-
-
22. A system comprising a first device, a second device, and a third device, the first and the second devices each possessing a shared secret key value h, each of the devices having available to it a public key P, selected such that the operation of deriving the secret key value h from the product hP is a computationally difficult operation, the first device, the second device and the third device each comprising memory units and processors for storing and executing program code,
the program code code being operative to cause communication of a set of values between the first device and the second device using the third device, the program code being operative to cause the first device to calculate a first expression with a value equivalent to the product hP and the second device to calculate a second expression with a value equal to the product hP, the program code being operative to cause the third device to retain copies of the values being communicated between the first and the second device, and the program code being operative to cause the third device to calculate and compare the values of the first expression and of the second expression to authenticate the first and the second devices.
-
25. A system comprising a first device, a second device, and a third device, the first and second devices each possessing a shared secret key value h, each of the devices being operative to carry out mathematical operations on defined groups E(Fq) and Zp, where Fq is a finite field of prime order q, including scalar multiplication defined with reference to the group, the first device, the second device and the third device each comprising memory units and processors for storing and executing program code
a) the program code being operative to obtain a public key P, such that P generates a prime subgroup of the group E(Fq) of order p, and to make available to each of the devices the public key P, b) the program code being operative to cause the first device to obtain a random value rD such that 1< - rD<
p−
1, and to calculate a value RD=rDP,c) the program code being operative to cause the first device to communicate the value RD to the third device, d) the program code being operative to cause the third device to retain a copy of the value RD and to forward the value RD to the second device, e) the program code being operative to cause the second device to obtain a random value rB such that 1<
rB<
p−
1, and to calculate a value RB=rBP, where RB is determined such that it is not equal to RD, and to cause the second device to obtain a random value eD such that 1<
eD<
p−
1, and to communicate the values rD and RB to the third device,f) the program code being operative to cause the third device to retain copies of the values RB and rD and to forward the said values to the first device, g) the program code being operative to cause the first device to calculate a value yD=h−
eDrD mod p, to cause the first device to obtain a random value eB such that 1<
eB<
p−
1, and to cause the first device to communicate values yD and eB to the third device,h) the program code being operative to cause the third device to retain copies of the values yD and eB and to forward the said values to the second device, i) the program code being operative to cause the second device to calculate a value yB=h−
eBrB mod p, and to cause the second device to communicate the value yB to the third device, andj) the program code being operative to cause the third device to authenticate the first and second devices when the condition yBP+eBRB=yDP+eDRD is satisfied. - View Dependent Claims (26)
- rD<
Specification