DE69221017D1 - Method and apparatus for mutual authentication of users in a communication system - Google Patents

Method and apparatus for mutual authentication of users in a communication system

Info

Publication number
DE69221017D1
DE69221017D1 DE69221017T DE69221017T DE69221017D1 DE 69221017 D1 DE69221017 D1 DE 69221017D1 DE 69221017 T DE69221017 T DE 69221017T DE 69221017 T DE69221017 T DE 69221017T DE 69221017 D1 DE69221017 D1 DE 69221017D1
Authority
DE
Germany
Prior art keywords
users
communication system
mutual authentication
authentication
mutual
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
DE69221017T
Other languages
English (en)
Other versions
DE69221017T2 (de)
Inventor
Amir Herzberg
Shay Kutten
Marcel Mordechay Yung
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp
Publication of DE69221017D1
Application granted
Publication of DE69221017T2
Anticipated expiration
Expired - Fee Related

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0836 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
DE69221017T 1991-04-01 1992-03-13 Method and apparatus for mutual authentication of users in a communication system Expired - Fee Related DE69221017T2 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US07/678,474 US5202921A (en) 1991-04-01 1991-04-01 Method and apparatus for authenticating users of a communication system to each other

Publications (2)

Publication Number Publication Date
DE69221017D1 (de) 1997-09-04
DE69221017T2 (de) 1998-01-15

Family

ID=24722930

Family Applications (1)

Application Number Title Priority Date Filing Date
DE69221017T Expired - Fee Related DE69221017T2 (de) 1991-04-01 1992-03-13 Method and apparatus for mutual authentication of users in a communication system

Country Status (4)

Country Link
US (1) US5202921A (de)
EP (1) EP0511483B1 (de)
JP (1) JPH07105791B2 (de)
DE (1) DE69221017T2 (de)

Families Citing this family (92)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0535284A1 (de) * 1991-09-30 1993-04-07 International Business Machines Corporation Method and apparatus for extending the connectivity of a communication system
US5453601A (en) 1991-11-15 1995-09-26 Citibank, N.A. Electronic-monetary system
US7028187B1 (en) 1991-11-15 2006-04-11 Citibank, N.A. Electronic transaction apparatus for electronic commerce
US5557518A (en) 1994-04-28 1996-09-17 Citibank, N.A. Trusted agents for open electronic commerce
US5369705A (en) * 1992-06-03 1994-11-29 International Business Machines Corporation Multi-party secure session/conference
JPH07117929B2 (ja) * 1992-08-14 1995-12-18 インターナショナル・ビジネス・マシーンズ・コーポレイション System and method for generating the first message of a connectionless session-oriented protocol
US5677954A (en) * 1993-07-07 1997-10-14 Ntt Mobile Communications Network, Inc. Cryptical control method for personal communication
CA2169449A1 (en) * 1993-08-13 1995-02-23 Frank Thomson Leighton Secret key exchange
US5450491A (en) * 1993-08-26 1995-09-12 At&T Corp. Authenticator card and system
EP0658021B1 (de) * 1993-12-08 2001-03-28 International Business Machines Corporation Method and system for key distribution and authentication in a data transmission system
JP3548215B2 (ja) * 1993-12-22 2004-07-28 キヤノン株式会社 Communication method and system therefor
FR2716323B1 (fr) * 1994-02-14 1996-05-03 France Telecom Secure system for interconnecting local area networks via a public transmission network.
DE4406602C2 (de) * 1994-03-01 2000-06-29 Deutsche Telekom Ag Security system for identifying and authenticating communication partners
DE4406590C2 (de) * 1994-03-01 2001-05-31 Deutsche Telekom Ag System for authenticating callers
AU697013B2 (en) * 1994-04-28 1998-09-24 Citibank, N.A. Methods of enabling secure communications among processing devices in open electronic commerce
US6088797A (en) * 1994-04-28 2000-07-11 Rosen; Sholom S. Tamper-proof electronic processing device
US5544322A (en) * 1994-05-09 1996-08-06 International Business Machines Corporation System and method for policy-based inter-realm authentication within a distributed processing system
US5475757A (en) * 1994-06-07 1995-12-12 At&T Corp. Secure data transmission method
JP3454947B2 (ja) * 1994-06-07 2003-10-06 富士通株式会社 Personal communication service distributed control system
DE4442357A1 (de) * 1994-11-29 1996-06-05 Deutsche Telekom Ag Method and arrangement for securing data
US5911080A (en) * 1994-11-30 1999-06-08 Samsung Electronics Co., Ltd. Computer system whose power supply is controlled by an identification card and a method of supplying power to the computer system
US5625692A (en) * 1995-01-23 1997-04-29 International Business Machines Corporation Method and system for a public key cryptosystem having proactive, robust, and recoverable distributed threshold secret sharing
DE19511298B4 (de) * 1995-03-28 2005-08-18 Deutsche Telekom Ag Method for granting and revoking authorization to receive broadcast transmissions, and decoder
US5742682A (en) 1995-03-31 1998-04-21 Pitney Bowes Inc. Method of manufacturing secure boxes in a key management system
US5745886A (en) * 1995-06-07 1998-04-28 Citibank, N.A. Trusted agents for open distribution of electronic money
DE19523466C1 (de) * 1995-06-28 1997-04-03 Informatikzentrum Der Sparkass Method for mutual authentication of electronic partners with a computer system
US5671280A (en) * 1995-08-30 1997-09-23 Citibank, N.A. System and method for commercial payments using trusted agents
US20050027618A1 (en) * 1996-01-17 2005-02-03 Privacy Infrastructure, Inc. Third party privacy system
US6119101A (en) * 1996-01-17 2000-09-12 Personal Agents, Inc. Intelligent agents for electronic commerce
US6286002B1 (en) 1996-01-17 2001-09-04 @Yourcommand System and method for storing and searching buy and sell information of a marketplace
KR19990082665A (ko) * 1996-02-21 1999-11-25 오오노 도시오 Common key communication method
US6002768A (en) * 1996-05-07 1999-12-14 International Computer Science Institute Distributed registration and key distribution system and method
US6519723B1 (en) * 1996-09-27 2003-02-11 Applied Digital Access, Inc. Firewall performance monitoring and limited access system
US6051501A (en) * 1996-10-09 2000-04-18 Micron Technology, Inc. Method of reducing overetch during the formation of a semiconductor device
US6061790A (en) * 1996-11-20 2000-05-09 Starfish Software, Inc. Network computer system with remote user data encipher methodology
US5905861A (en) * 1996-12-02 1999-05-18 Lovell; William S. Data authentication circuit
US6021496A (en) * 1997-07-07 2000-02-01 International Business Machines Corporation User authentication from non-native server domains in a computer network
US5948064A (en) * 1997-07-07 1999-09-07 International Business Machines Corporation Discovery of authentication server domains in a computer network
US6418466B1 (en) 1997-07-10 2002-07-09 International Business Machines Corporation Management of authentication discovery policy in a computer network
US6076163A (en) * 1997-10-20 2000-06-13 Rsa Security Inc. Secure user identification based on constrained polynomials
US6084967A (en) * 1997-10-29 2000-07-04 Motorola, Inc. Radio telecommunication device and method of authenticating a user with a voice authentication token
US6084968A (en) * 1997-10-29 2000-07-04 Motorola, Inc. Security token and method for wireless applications
US6148342A (en) * 1998-01-27 2000-11-14 Ho; Andrew P. Secure database management system for confidential records using separately encrypted identifier and access request
US6041122A (en) * 1998-02-27 2000-03-21 Intel Corporation Method and apparatus for hiding crytographic keys utilizing autocorrelation timing encoding and computation
US6199113B1 (en) * 1998-04-15 2001-03-06 Sun Microsystems, Inc. Apparatus and method for providing trusted network security
US6968390B1 (en) * 1999-04-15 2005-11-22 International Business Machines Corporation Method and system for enabling a network function in a context of one or all server names in a multiple server name environment
US6275859B1 (en) * 1999-10-28 2001-08-14 Sun Microsystems, Inc. Tree-based reliable multicast system where sessions are established by repair nodes that authenticate receiver nodes presenting participation certificates granted by a central authority
US7792745B2 (en) * 2000-02-25 2010-09-07 Ipass Inc. Method and system to facilitate financial settlement of service access transactions between multiple parties
US20010034693A1 (en) * 2000-02-25 2001-10-25 Jay Farhat Method and system to broker a service access transaction
US6985945B2 (en) * 2000-12-07 2006-01-10 Ipass, Inc. Service quality monitoring process
US7240112B2 (en) * 2000-05-26 2007-07-03 Ipass Inc. Service quality monitoring process
US7519695B2 (en) * 2000-05-26 2009-04-14 Ipass Inc. Service quality monitoring process
EP1314092A4 (de) * 2000-08-02 2006-09-27 Ipass Inc Method and system for customizing and updating a network connection application for distribution to multiple end users
DE10055424A1 (de) * 2000-11-09 2002-05-29 Alcatel Sa Method for storing a security key and multi-computer system for carrying out the method
US6910130B2 (en) * 2000-11-29 2005-06-21 Hideki Imai System for and method of unconditionally secure digital signature
US20030065919A1 (en) * 2001-04-18 2003-04-03 Albert Roy David Method and system for identifying a replay attack by an access device to a computer system
US7921290B2 (en) 2001-04-18 2011-04-05 Ipass Inc. Method and system for securely authenticating network access credentials for users
US7469341B2 (en) * 2001-04-18 2008-12-23 Ipass Inc. Method and system for associating a plurality of transaction data records generated in a service access system
US7761606B2 (en) * 2001-08-02 2010-07-20 Ipass Inc. Method and system to secure a connection application for distribution to multiple end-users
US20030188160A1 (en) * 2001-08-02 2003-10-02 Singam Sunder Method and system to securely update files via a network
EP1425874B1 (de) * 2001-08-13 2010-04-21 Board Of Trustees Of The Leland Stanford Junior University Systems and methods for identity-based encryption and related cryptographic techniques
US20030084171A1 (en) * 2001-10-29 2003-05-01 Sun Microsystems, Inc., A Delaware Corporation User access control to distributed resources on a data communications network
US7275260B2 (en) 2001-10-29 2007-09-25 Sun Microsystems, Inc. Enhanced privacy protection in identification in a data communications network
US20030084172A1 (en) * 2001-10-29 2003-05-01 Sun Microsystem, Inc., A Delaware Corporation Identification and privacy in the World Wide Web
US7085840B2 (en) * 2001-10-29 2006-08-01 Sun Microsystems, Inc. Enhanced quality of identification in a data communications network
US20030084302A1 (en) * 2001-10-29 2003-05-01 Sun Microsystems, Inc., A Delaware Corporation Portability and privacy with data communications network browsing
GB0126426D0 (en) * 2001-11-03 2002-01-02 Royal Holloway University Of L Authentication of a remote user to a host in a data communication system
WO2003077470A1 (en) * 2002-03-13 2003-09-18 Koninklijke Philips Electronics N.V. Polynomial-based multi-user key generation and authentication method and system
US7961884B2 (en) * 2002-08-13 2011-06-14 Ipass Inc. Method and system for changing security information in a computer network
US20030226036A1 (en) * 2002-05-30 2003-12-04 International Business Machines Corporation Method and apparatus for single sign-on authentication
US7979712B2 (en) * 2002-07-01 2011-07-12 International Business Machines Corporation Network system, server and information terminal for list matching
WO2004021638A1 (en) * 2002-08-28 2004-03-11 Docomo Communications Laboratories Usa, Inc. Certificate-based encryption and public key infrastructure
US8606885B2 (en) * 2003-06-05 2013-12-10 Ipass Inc. Method and system of providing access point data associated with a network access point
US20050055371A1 (en) * 2003-06-05 2005-03-10 Singam Sunder Method and system to manage a network connection application
EP1787199A2 (de) * 2004-02-18 2007-05-23 Ipass, Inc. Method and system for managing transactions in a remote network access system
US7539862B2 (en) * 2004-04-08 2009-05-26 Ipass Inc. Method and system for verifying and updating the configuration of an access device during authentication
JP2008515319A (ja) * 2004-09-30 2008-05-08 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ Polynomial-based key distribution system and method
WO2006035400A1 (en) * 2004-09-30 2006-04-06 Koninklijke Philips Electronics N.V. Method of authentication based on polynomials
CN101120351B (zh) * 2005-02-18 2010-10-06 Rsa安全公司 Method for distributing derived seeds
US7999685B2 (en) * 2005-06-08 2011-08-16 Koninklijke Philips Electronics N.V. Deterministic key pre-distribution and operational key management for moblie body sensor networks
WO2007021094A1 (en) * 2005-08-19 2007-02-22 Samsung Electronics Co., Ltd. Method for performing multiple pre-shared key based authentication at once and system for executing the method
EP1964303B1 (de) * 2005-12-14 2016-08-03 Koninklijke Philips N.V. Method and system for authentication of a low-resource prover
US7836298B2 (en) * 2005-12-23 2010-11-16 International Business Machines Corporation Secure identity management
US8064604B2 (en) * 2006-04-04 2011-11-22 Oracle International Corporation Method and apparatus for facilitating role-based cryptographic key management for a database
WO2008140798A1 (en) * 2007-05-11 2008-11-20 Indiana University Research & Technology Corporation Flexible management of security for multi-user environments
US8006295B2 (en) * 2007-06-28 2011-08-23 Microsoft Corporation Domain ID service
RU2491746C2 (ru) * 2007-07-03 2013-08-27 Конинклейке Филипс Электроникс Н.В. Multidimensional identification, authentication, authorization and key distribution system for patient monitoring
US20100046740A1 (en) * 2008-08-22 2010-02-25 Schneider James P Embedding a secret in a larger polynomial
US8539235B2 (en) * 2008-10-06 2013-09-17 Koninklijke Philips N.V. Method for operating a network, a system management device, a network and a computer program therefor
JP5335072B2 (ja) 2009-04-06 2013-11-06 パナソニック株式会社 Key implementation system
US20130030924A1 (en) 2011-07-28 2013-01-31 American Express Travel Related Services Company, Inc. Systems and methods for generating and using a digital pass
TR2021004081A1 (tr) 2021-03-02 2022-09-21 Istanbul Teknik Ueniversitesi Bilimsel Ararstirma Proje Birim A group key generation method

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS589981B2 (ja) * 1978-04-26 1983-02-23 オムロン株式会社 User identification device
SE426128B (sv) * 1981-04-08 1982-12-06 Philips Svenska Ab Method for transmitting data messages between two stations, and transmission installation for carrying out the method
JPH07118709B2 (ja) * 1987-01-16 1995-12-18 日本電信電話株式会社 Secret information communication system
JPH01125140A (ja) * 1987-11-10 1989-05-17 Nippon Telegr & Teleph Corp <Ntt> Secret communication system between multiple stations
US4987593A (en) * 1988-03-16 1991-01-22 David Chaum One-show blind signature systems

Also Published As

Publication number Publication date
JPH07105791B2 (ja) 1995-11-13
EP0511483B1 (de) 1997-07-23
DE69221017T2 (de) 1998-01-15
JPH05103094A (ja) 1993-04-23
US5202921A (en) 1993-04-13
EP0511483A2 (de) 1992-11-04
EP0511483A3 (en) 1993-06-09

Similar Documents

Publication Publication Date Title
DE69221017D1 (de) Method and apparatus for mutual authentication of users in a communication system
DE69233708D1 (de) Apparatus and method for providing network security
DE68919923D1 (de) Method and apparatus for authentication.
DE69634318D1 (de) Method and apparatus for charging users in a secret transmission system
DE69617447T2 (de) Method and apparatus for user authentication
DE69332238D1 (de) Authentication method, and communication terminal and communication processing unit using this method
DE69323621T2 (de) Apparatus and method for obtaining leukocyte-free platelet concentrate
DE69429867D1 (de) Method and device for authentication
DE69603577D1 (de) Method and apparatus for administering analgesics
DE69332459T2 (de) Method and apparatus for character recognition
DE69327375T2 (de) Method and apparatus for restoring image data
DE69311581D1 (de) Method and system for authenticated secure key distribution in a communication system
DE69210465D1 (de) Method and apparatus for connecting data processing networks
DE69426142D1 (de) Apparatus and method for banknote authentication
DE69427860T2 (de) Method and apparatus for projecting images
DE69305536D1 (de) Method and apparatus for displaying stereoscopic images
DE69228973D1 (de) Method and device for character recognition
DE69230092D1 (de) Method and device for character recognition
DE69229199T2 (de) Device and method for character recognition
DE69837457D1 (de) Method for controlling restoration and associated apparatus in a communication network
DE59105873D1 (de) Method and device for charging particles.
DE69227996T2 (de) Apparatus and method for switching data blocks
DE69215751D1 (de) Apparatus and method for comminution
DE68928692T2 (de) Method and apparatus for enhancing details in images
DE69413140T2 (de) Method and apparatus for finishing commutators

Legal Events

Date Code Title Description
8364 No opposition during term of opposition
8339 Ceased/non-payment of the annual fee