Command authentication process
First Claim
1. In a system comprising a master station and a slave station, wherein said master station includes a first processor, a first transmitter, a first receiver and a first memory,wherein said slave station includes a second processor, a second transmitters, a second receiver and a second memory,a method for communicating commands from said master station to said slave station so that said commands can be authenticated by said slave station, said method comprising steps of:
- (a) receiving by said first receiver in said master station a first code pad common with a second code pad stored in said second memory in said slave station;
(b) storing said first code pad in said first memory;
(c) combining said first code pad with said command by said first processor to form a message; and
(d) transmitting said message by said first transmitter to said slave station.
3 Assignments
0 Petitions
Accused Products
Abstract
A slave station, such as an orbiting satellite, and a master station, such as a ground control station, have their own lists of random pads. The master and slave station lists are identical. When the master station sends a critical command to the slave station, a selected one of the pads is combined with the command and transmitted to the slave station as a data communication message. Each pad is used only once. The slave station evaluates the received pad value using its version of the same selected pad. If the evaluation detects correspondence, then the command is authenticated and the slave station acts upon the command. The random pads are generated by the slave station. They are encrypted using an asymmetric encryption process and transmitted to the master station so that the master and slave stations will operate on common sets of pads.
114 Citations
49 Claims
-
1. In a system comprising a master station and a slave station, wherein said master station includes a first processor, a first transmitter, a first receiver and a first memory,
wherein said slave station includes a second processor, a second transmitters, a second receiver and a second memory, a method for communicating commands from said master station to said slave station so that said commands can be authenticated by said slave station, said method comprising steps of: -
(a) receiving by said first receiver in said master station a first code pad common with a second code pad stored in said second memory in said slave station; (b) storing said first code pad in said first memory; (c) combining said first code pad with said command by said first processor to form a message; and (d) transmitting said message by said first transmitter to said slave station. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. In a system comprising a master station and a slave station,
wherein said master station includes a first processor, a first transmitter, a first receiver and a first memory, and wherein said slave station includes a second processor, a second transmitter, a second receiver and a second memory, a method for operating said slave station to authenticate commands received from said slave station prior to carrying out instructions communicated thereby, said method comprising steps of: -
(a) generating a first code pad by said second processor; (b) storing said first code pad in said second memory to provide a stored code pad; (c) transmitting said first code pad to said master station by said second transmitter; (d) receiving a data communication message from said master station by said second receiver; (e) recovering a command and a code pad from said data communication message by said second processor to provide a recovered command and a recovered code pad; (f) authenticating said data communication message by said second processor by evaluating said recovered code pad to detect a correspondence between said recovered code pad and said stored code pad; and (g) refraining from acting upon said recovered command if said step (f) fails to detect said correspondence. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. In a system comprising a master station and a slave device,
wherein said master device includes a first processor, a first transmitter, a first receiver and a first memory, and wherein said slave device is located remote from said master device and said slave device includes a second processor, a second transmitter, a second receiver and a second memory, a method of authenticating commands communicated between said master device and said slave device, said method comprising steps of: -
(a) generating by said second processor in slave device, a first set of random code pads; (b) storing said first set of random code pads in said second memory in said slave device; (c) transmitting said first set of random code pads from said slave device to said master device by said second transmitter; (d) receiving said first set of random code pads by said first receiver in said master device to provide a second set of random code pads common with said first set of random code pads; (e) storing said second set of random code pads from said message in said first memory; (f) transmitting a message by said first transmitter in said master device to said slave device, said message including a command and a first selected one of said second set of random code pads; (g) receiving said message by said second receiver in said slave device; (h) recovering a code pad from said message by said second processor to provide a recovered code pad; (i) evaluating said recovered code pad by said second processor to detect a correspondence between said recovered code pad and a second selected code pad common with said first selected code pad; and (j) refraining from executing said command by said second processor in said slave device if said step (i) fails to detect said correspondence. - View Dependent Claims (25, 26, 27, 28)
-
-
29. In a system comprising a master station and a remotely located slave station,
wherein said master station includes a first transmitter for sending command to said slave station, a first receiver for receiving information from said slave station and a first memory, wherein said slave station includes a second transmitter for sending information to said master station, a second receiver for receiving command from said master station and a second memory; a method for communicating a command from said master station to said slave station so that said command can be authenticated before being executed by said slave station, said method comprising steps of; (a) receiving from said slave station and storing in said first memory, a first code table having multiple entries common with a second code table stored in said second memory in said slave station; (b) receiving from said slave station and storing in said first memory, a first index value identifying a particular entry in said first code table and a corresponding entry in said second code table; (c) obtaining said command desired to be executed by said slave station; (d) retrieving from said first memory said particular entry in said first code table identified by said first index value; (e) combining in said first processor said particular entry in said first code table with said command to form an encrypted command message for transmission to said slave station, wherein different code table entries produce substantially different ciphertext even for identical plaintext; and (f) using said first transmitter, transmitting said encrypted command message to said slave station for authentication utilizing said corresponding entry in said second code table identified by said first index value before execution of said command by said slave station. - View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39)
-
40. In a system comprising a master station and a remotely located slave station,
wherein said slave station includes a first transmitter for sending information to said master station, a first receiver for receiving information from said master station and a first memory, wherein said master station includes a second transmitter for sending information to said slave station, a second receiver for receiving information from said slave station and a second memory, a method for operating said slave station so that commands or messages received from said master station can be authenticated before being executed or processed by said slave station, said method comprising steps of: -
(a) generating in said slave station, a code table containing multiple entries; (b) storing said code table in said first memory; (c) transmitting by said first transmitter a copy of said code table to said master station for storage in said second memory, so that said master station and slave station have common code tables; (d) transmitting by said first transmitter to said master station an index value referring to a particular entry in said common code tables; (e) receiving from said master station a message containing at least an authentication code and a command from said master station to said slave station to change the operation of said slave station, said message having been encrypted using a master station code table entry related in a predetermined way to a most recently transmitted index value, said encrypted message having substantially different ciphertext for the same plaintext; (f) decrypting said message from said master station in said slave station to retrieve a recovered command and a recovered authentication code, using a slave station code table entry related in said predetermined way to said most recently transmitted index value; (g) comparing said recovered authentication code with a predetermined list of authentication codes in said slave station to detect a correspondence; and (h) when said correspondence is detected, authenticating the command to provide an authenticated command and altering the operation of said slave station by executing said authenticated command. - View Dependent Claims (41, 42, 43, 44, 45, 46, 47, 48, 49)
-
Specification