Establishing secure mutual trust using an insecure password

Assignee

• Microsoft Corporation · US

Inventors

• Harry S. Pyle · Bellevue, US
• Bruce L. Lieberman · Bellevue, US
• Daniel R. Simon · Redmond, US
• Guillaume Simonnet · Bellevue, US
• William Dollar · Seattle, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/3273
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A process for establishing secure mutual trust includes generating a one-time-password. The one-time-password is transferred between the devices in a communication occurring off of the network. Each device generates a set of authenticators by hashing a plurality of sub-strings of the password and the device's authentication certificate with a respective set of nonces. The devices exchange the respective sets of authenticators. Each device then alternates revealing its respective set of nonces and its authentication certificate in a multi-stage process. The devices re-calculate the authenticators based upon the respective set of nonces and authentication certificate revealed by the other device along with the one-time-password sub-strings that it posses. If each device determines that the authenticators re-calculated by the given device matches the authenticators previously received from the other device, secure mutual trust is established.