WO2009041804A3 - Secure instant messaging - Google Patents

Secure instant messaging Download PDF

Info

Publication number
WO2009041804A3
WO2009041804A3 PCT/MY2008/000114 MY2008000114W WO2009041804A3 WO 2009041804 A3 WO2009041804 A3 WO 2009041804A3 MY 2008000114 W MY2008000114 W MY 2008000114W WO 2009041804 A3 WO2009041804 A3 WO 2009041804A3
Authority
WO
WIPO (PCT)
Prior art keywords
user
random number
client
public key
instant messaging
Prior art date
Application number
PCT/MY2008/000114
Other languages
French (fr)
Other versions
WO2009041804A8 (en
WO2009041804A2 (en
Inventor
Kang Siong Ng
Chong Seak Sea
Azhar Abu Talib
Original Assignee
Mimos Berhad
Kang Siong Ng
Chong Seak Sea
Azhar Abu Talib
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mimos Berhad, Kang Siong Ng, Chong Seak Sea, Azhar Abu Talib filed Critical Mimos Berhad
Publication of WO2009041804A2 publication Critical patent/WO2009041804A2/en
Publication of WO2009041804A3 publication Critical patent/WO2009041804A3/en
Publication of WO2009041804A8 publication Critical patent/WO2009041804A8/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Abstract

A setup for secure instant messaging allowing a user to use a smart card (32a) to authenticate its identification is described. A server (21) generates a random number and a network sends the random number to a user's client (31a). The smart card (32a) stores a unique private key for each user and encrypts the random number with a user's private key. A database (11) provides a public key. The server (21) decrypts the random number with the public key, compares the decrypted number with the random number, whereby same number validates the users identity to establish a secure connection between validated user's client and server, allowing a user to log onto a secure instant messaging network. A user can also retrieve peer user's internet protocol and public key to establish a client-to-client connection, where the data communicated between them can be encrypted using the peer's public key and can only be decrypted using the user's private key stored in the user's smart card (32a). A breakdown detection feature is also described.
PCT/MY2008/000114 2007-09-26 2008-09-25 Secure instant messaging WO2009041804A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI20071621 2007-09-26
MYPI20071621 2007-09-26

Publications (3)

Publication Number Publication Date
WO2009041804A2 WO2009041804A2 (en) 2009-04-02
WO2009041804A3 true WO2009041804A3 (en) 2009-05-22
WO2009041804A8 WO2009041804A8 (en) 2009-07-30

Family

ID=40512039

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2008/000114 WO2009041804A2 (en) 2007-09-26 2008-09-25 Secure instant messaging

Country Status (1)

Country Link
WO (1) WO2009041804A2 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120047262A1 (en) * 2009-04-27 2012-02-23 Koninklijke Kpn N.V. Managing Undesired Service Requests in a Network
CN101958969B (en) * 2010-07-28 2014-02-05 中兴通讯股份有限公司 Wireless communication terminal and method thereof for binding with user interface (UI)
US10433168B2 (en) * 2015-12-22 2019-10-01 Quanta Computer Inc. Method and system for combination wireless and smartcard authorization
KR101914650B1 (en) 2018-03-13 2018-11-02 주식회사 케이비저축은행 Radio link authenticationsystem and methods using Devices and automationdevices

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11353280A (en) * 1998-06-10 1999-12-24 Hitachi Ltd Identity confirmation method and system by means of encipherment of secret data
KR20020045003A (en) * 2000-12-07 2002-06-19 이계철 Countermeasure Against Denial-of-Service Attack in Authentication Protocols Using Public-Key Encryption
KR20050000481A (en) * 2003-06-27 2005-01-05 주식회사 케이티 Two-factor authenticated key exchange method and authentication method using the same, and recording medium storing program including the same
US20070088945A1 (en) * 2004-01-16 2007-04-19 Motoji Ohmori Authentication server, method and system for detecting unauthorized terminal

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11353280A (en) * 1998-06-10 1999-12-24 Hitachi Ltd Identity confirmation method and system by means of encipherment of secret data
KR20020045003A (en) * 2000-12-07 2002-06-19 이계철 Countermeasure Against Denial-of-Service Attack in Authentication Protocols Using Public-Key Encryption
KR20050000481A (en) * 2003-06-27 2005-01-05 주식회사 케이티 Two-factor authenticated key exchange method and authentication method using the same, and recording medium storing program including the same
US20070088945A1 (en) * 2004-01-16 2007-04-19 Motoji Ohmori Authentication server, method and system for detecting unauthorized terminal

Also Published As

Publication number Publication date
WO2009041804A8 (en) 2009-07-30
WO2009041804A2 (en) 2009-04-02

Similar Documents

Publication Publication Date Title
US9887989B2 (en) Protecting passwords and biometrics against back-end security breaches
CN102833244B (en) Communication method for authentication by fingerprint information
WO2005006629A3 (en) Terminal authentication in a wireless network
GB201223147D0 (en) Method and system for providing continued access to authentication and encryption services
WO2002093824A3 (en) Authentication method
MXPA03010477A (en) Securely processing client credentials used for web-based access to resources.
BR112017002747A2 (en) computer implemented method, and, computer system.
WO2000074297A3 (en) Method and apparatus for secure distribution of public/private key pairs
GB2496354B (en) A method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors
WO2006023151A3 (en) Method of delivering direct proof private keys to devices using an on-line service
WO2011017099A3 (en) Secure communication using asymmetric cryptography and light-weight certificates
CN101695038A (en) Method and device for detecting SSL enciphered data safety
GB201016672D0 (en) Secure exchange/authentication of electronic documents
MY130400A (en) Methods for remotely changing a communications password
RU2013140418A (en) SAFE ACCESS TO PERSONAL HEALTH RECORDS IN EMERGENCIES
CN103929434A (en) File sharing method based on encryption and permission system
DK2150915T3 (en) Security Log protocol
SG143152A1 (en) System and method for secure record protocol using shared knowledge of mobile user credentials
GB2512249A (en) Secure peer discovery and authentication using a shared secret
CN105635075A (en) Method of registering cloud terminal, cloud terminal, cloud server and cloud system
WO2009041804A3 (en) Secure instant messaging
CN108574576A (en) Across high in the clouds authentication method based on Kerberos systems
WO2007106566A3 (en) A method and apparatus to provide authentication using an authentication card
WO2002058357A3 (en) Pre-authentication of users using one-time passwords
Juang et al. Efficient password authenticated key agreement using bilinear pairings

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08833184

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08833184

Country of ref document: EP

Kind code of ref document: A2