Authentication protocols in communication networks

Assignee

• International Business Machines Corporation · US

Inventors

• Raymond F. Bird · Durham, US
• Inder S. Gopal · New York, US
• Philippe A. Janson · Wetzikon, CH
• Shay Kutten · Rockaway, US
• Refik Molva · Antibes, FR
• Marcel M. Moti Yung · New York, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2103
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An arrangement of authenticating communications network users and means for carrying out the arrangement. A first challenge N1 is transmitted from a first user A to a second user B. In response to the first challenge, B transmits a first response and second challenge N2 to A. A verifies the first response. A then generates and transmits a second response to the second challenge to B, where the second response is verified. The first response must be of a minimum form EQU f(S1, N1, . . . ), and the second response must be of the minimum form EQU g(S2, N2, . . . ). S1 and S2 are shared secrets between A and B. f() and g() are selected such that the equation EQU f'(s1,N1', . . . )=g(S2, N2) cannot be solved for N1' without knowledge of S1 and S2. f'() and N1' represent expressions on a second reference connection. Preferably, the function f() may include the direction D1 of the flow of the message containing f(), as in f(s1, N1, D1, . . . ). In such a case, f() is selected such that the equation EQU f'(S,N1',D1', . . . )=f(S, N2, D1, . . . ) cannot be solved for N1' without knowledge of S1 and S2 and D1' is the flow direction indicator of the message containing f'() on the reference co…