Password-based cryptographic method and apparatus
Abstract
A password-based cryptographic method is effected between a first party with a specified identity and secret password and a second party with a master secret. During a registration phase, a long-term password-based public key is generated for the first party from its password and the master secret of the second party. Subsequently, to generate matching keys, asymmetric or symmetric, for the parties for a specific interaction, the first party generates a short-term secret x, and computes a short-term password-based public key that requires for its computation direct knowledge of the first party's password and secret x; the second party then transforms this short-term password-based public key into an element X, complementary to x, by using its master secret and at least a first-party-specific constituent of the first party's long-term password-based public key. The secret x and element X are then used to provide matching keys for the parties.
26 Claims
1. A cryptographic method effected between first and second parties acting through respective computing entities, the first party having a specified identity, a secret password, and a long-term password-based public key that is dependent on at least said password and a master secret of the second party;
- the method comprising:
the first party generating a short-term random secret x, and then computing and supplying to the second party, a short-term password-based public key that requires for its computation direct knowledge of the first party's password and secret x;
the second party transforming the short-term password-based public key into an element X, complementary to x but from which recovery of x is computationally infeasible, by using its master secret and at least a first-party-specific constituent of the first party's long-term password-based public key that is associated with the specified identity of the first party; and
using the secret x and element X to provide matching keys for the parties.
- Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 25
20. Apparatus comprising a first computing entity associated with a first party that has a specified identity, a secret password, and a long-term password-based public key, a second computing entity with an associated master secret, and a network over which the computing entities can communicate;
- wherein the first party's long-term password-based public key is dependent on at least the first party's password and the second party's master secret; and
- further wherein, in order to generate matching keys, asymmetric or symmetric, for a specific interaction between the first party and the second computing entity:
the first computing entity is arranged to generate a short-term random secret x, and then compute and supply to the second party, a first-party short-term password-based public key that requires for its computation direct knowledge of the first party's password and the secret x;
the second computing entity is arranged to transform the short-term password-based public key into an element X, complementary to x but from which recovery of x is computationally infeasible, by using its master secret and at least a first-party-specific constituent of the first party's long-term password-based public key that is associated with the specified identity of the first party; and
the computing entities using the secret x and element X to provide said matching keys.
- Dependent claims: 26
21. A password-based authenticated cryptographic method, comprising:
during a registration phase in which a first party, with a specified identity and secret password, registers with a second party, generating a long-term password-based public key in dependence on at least said password and a master secret of the second party;
during an operational phase:
the first party generating a short-term random secret x, and then computing and supplying to the second party, a short-term password-based public key that requires for its computation direct knowledge of the first party's password and its secret x;
the second party transforming the short-term password-based public key into an element X of the form (public parameter)^x from which recovery of x is computationally infeasible, by using its master secret and at least a first-party-specific constituent of the first party's long-term password-based public key that is associated with the specified identity of the first party; and
using the secret x and element X to provide matching keys for the parties;
the first and second parties acting through respective computing entities.
- Dependent claims: 22, 23, 24
Specification