Secure channel establishment between payment device and terminal device

Assignee

• MASTERCARD INTERNATIONAL INCORPORATED · US

Inventors

• Michael Ward · San Francisco, US
• John Beric · London, GB
• Duncan Garrett · London, GB
• David Anthony Roberts · Petworth, GB

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/3252
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method of establishing a secure channel for communication between a first computing device and a second computing device is described. The method uses an elliptic curve Diffie-Hellman protocol, wherein G is an elliptic curve generator point and the first computing device has a unique private key dc with a public key Qc=dc G certified by a party trusted by the second computing device. The first computing device generates (520) a blinding factor r and sends (540) a blinded public key R=r·Qc to the second computing device. The second computing device generates (510) an ephemeral private key dt and a corresponding ephemeral public key Qt=dt G and sends Qt to the first computing device. The first computing device generates (530) Kc=KDF(r dc·Qt) and the second computing device generates (550) Kt=KDF(dt·R), where KDF is a key derivation function used in both generation operations, to establish a secure channel between the first computing device and the second computing device. G is a point in the elliptic curve group E, wherein E is a group of prime order but E* is the quadratic twist of E and is a group of order m=z·m′ where m′ is prime and z is an integer, wherein r·dc is chosen such …