Method and apparatus for providing peer authentication for an internet key exchange

US 7,269,730 B2
Filed: 04/18/2002
Issued: 09/11/2007
Est. Priority Date: 04/18/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

an initiator sending a responder a message claiming an identity associated with a secret key;

providing an authentication field and a random number field from the responder to the initiator;

the initiator authenticating the responder based at least in part on the authentication field derived from the secret key without revealing the secret key; and

the responder authenticating the initiator based at least in part on a result field derived from the secret key without revealing the secret key;

wherein the secret key and the identity are provided out-of-band to both the initiator and at least one other entity, whereby the identity is associated with the secret key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A protocol for use as a phase 1 authentication (and key agreement) IKE protocol, similar to IKE phase 1 authentication with public key encryption, but using the IMS AKA trust infrastructure instead of the PKI trust infrastructure. The invention thus allows an initiator (11) having a secret long-term key stored on a smart cart (11a), to authenticate a responder (12), the responder (12) having in some cases a trusted interface with a Home Subscriber Server (14) that has a copy (14a) of the initiator'"'"'s long-term key (and in other cases having itself access to the initiator'"'"'s long-term key). The protocol includes a Diffie-Hellman exchange, and by authenticating the initiator (11) and responder (12), the protocol authenticates the exchange.

20 Citations

View as Search Results

24 Claims

1. A method, comprising:
- an initiator sending a responder a message claiming an identity associated with a secret key;
  
  providing an authentication field and a random number field from the responder to the initiator;
  
  the initiator authenticating the responder based at least in part on the authentication field derived from the secret key without revealing the secret key; and
  
  the responder authenticating the initiator based at least in part on a result field derived from the secret key without revealing the secret key;
  
  wherein the secret key and the identity are provided out-of-band to both the initiator and at least one other entity, whereby the identity is associated with the secret key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein, the result field is determined by the initiator using the secret key, but the authentication field is provided to the responder by a third-party entity distinct from the responder and trusted by the responder.
  - 3. The method of claim 1,wherein the responder provides the authentication field and the random number field to the initiator, in response to a message flow from the initiator and also in response to the authentication field and the random number field provided by a third-party entity;
    - andwherein the initiator authenticates the responder based on information conveyed by the authentication field and also based on the random number field.
  - 4. The method of claim 1, further comprising:
    - a third-party entity deriving the authentication field from the secret key.
  - 5. The method of claim 1, further comprising:
    - a third-party entity sending a message including an expected result field to the responder; and
      
      the responder using the result field to test whether the initiator is authentic by comparing the result field with the expected result field.
  - 6. The method of claim 1, further comprising:
    - the initiator calculating the result field based on the secret key and the random number field if the initiator determines the responder to be authentic.
  - 7. The method of claim 1, wherein in performing authentication, the authentication field and the result field are determined by the initiator using the secret key and also by the responder using the secret key.
  - 8. The method of claim 1, wherein a shared secret is obtained based at least in part on the random number which is derived from, without revealing, the secret key.
  - 9. An initiator apparatus, operative according to the method of claim 1 in respect to the initiator.
  - 10. A responder apparatus, operative according to the method of claim 1 in respect to the responder.
  - 11. A responder apparatus, operative according to the method of claim 2 in respect to the responder.
  - 12. A digital communication system including an initiator apparatus, a responder apparatus, and a third-party entity apparatus, wherein the initiator apparatus, the responder apparatus and the third-party entity apparatus are operative according to the method of claim 2 in respect to the initiator, the responder, and the third-party entity respectively.
  - 13. A digital communication system including an initiator apparatus and a responder apparatus, characterized in that the initiator apparatus and the responder apparatus are operative according to the method of claim 1 in respect to the initiator and the responder respectively.
  - 14. A method as in claim 1, wherein the authentication field and the result field are also derived from a random number and a sequence number using a predetermined set of functions.

15. An apparatus comprising:
- a card for providing a message claiming an identity associated with a secret key for transmission;
  
  a receiver for receiving an authentication field and a random number field from a device in communication with the apparatus; and
  
  a module for performing authentication of the device in communication with the apparatus based on the authentication field which is derived from the secret key without revealing the secret key;
  
  wherein the secret key and identity are provided out-of-band to the apparatus and at least one other entity.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
- - 16. The apparatus of claim 15, wherein the module is configured to determine a result field based at least on the secret.
  - 17. The apparatus of claim 15, wherein the device is configured for receiving the secret key from a third-party entity distinct from and trusted by the device.
  - 18. The apparatus of claim 15,wherein the module is responsive to the authentication field and the random number field for testing whether the device is authentic based on information conveyed by the authentication field and also based on the random number field.
  - 19. The apparatus of claim 15, further comprising:
    - a receiver for receiving an expected result field from the third-party entity; and
      
      wherein the module is configured to use a result field to test whether the device is authentic by comparing the result field with the expected result field.
  - 20. The apparatus of claim 15, wherein the module is configured to calculate a result field based on the secret key and the random number field if the apparatus determines the device to be authentic.
  - 21. The apparatus of claim 15, wherein a shared secret is obtained based on information derived from, but not revealing, the secret key.
  - 22. The apparatus of claim 15, wherein the module is configured to use a predetermined set of functions to derive information from a random number and a sequence number.

23. An apparatus comprising:
- means for providing a message claiming an identity associated with a secret key for transmission;
  
  means for receiving an authentication field and a random number field from a device in communication with the apparatus, andmeans for performing authentication of the device in communication with the apparatus based on the authentication field which is derived from the secret key without revealing the secret key;
  
  wherein the secret key and identity are provided out-of-band to the apparatus and at least one other entity.
- View Dependent Claims (24)
- - 24. The apparatus of claim 23, further comprising means for determining a result field based at least in part on the secret key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Corporation
Original Assignee
Nokia Corporation
Inventors
Stirbu, Vlad Alexandru
Primary Examiner(s)
Barrón, Jr.; Gilberto
Assistant Examiner(s)
LASHLEY, LAUREL L

Application Number

US10/127,342
Publication Number

US 20030200433A1
Time in Patent Office

1,972 Days
Field of Search

None
US Class Current

713/169
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 2463/081   applying self-generating cr...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0869   for achieving mutual authen...

H04L 9/0844   with user authentication or...

H04L 9/3271   using challenge-response

H04W 12/041   Key generation or derivation

H04W 12/0471   Key exchange

H04W 12/069   using certificates or pre-s...

Method and apparatus for providing peer authentication for an internet key exchange

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

20 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for providing peer authentication for an internet key exchange

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others