WO1999055991A2 - Procede d'authentification - Google Patents


Publication number
WO1999055991A2
Authority
WO
WIPO (PCT)
Prior art keywords
instance
component
authentication
mod
lock
Prior art date
Application number
PCT/DE1999/001234
Other languages
German (de)
English (en)
Other versions
WO1999055991A3 (fr)
Inventor
Jean Georgiades
Original Assignee
Siemens Aktiengesellschaft
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens Aktiengesellschaft
Priority to EP99927720A (EP1078139A2)
Priority to JP2000546123A (JP2002513220A)
Publication of WO1999055991A2
Publication of WO1999055991A3

Classifications

    • B: PERFORMING OPERATIONS; TRANSPORTING
    • B60: VEHICLES IN GENERAL
    • B60R: VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R25/00: Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
    • B60R25/20: Means to switch the anti-theft system on or off
    • B60R25/24: Means to switch the anti-theft system on or off using electronic identifiers containing a code not memorised by the user
    • G: PHYSICS
    • G07: CHECKING-DEVICES
    • G07C: TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00: Individual registration on entry or exit
    • G07C9/00174: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00388: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks code verification carried out according to the challenge/response method
    • G07C2009/0042: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed
    • G07C2009/00476: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically
    • G07C2009/00484: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically whereby the code is a variable code
    • G07C2009/00753: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L2209/00: Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84: Vehicles

Definitions

  • the invention relates to a method for authentication.
  • a method for authentication is known from [1].
  • An iterated one-way function f is a function that applies to
  • the iterative application of the one-way function f returns a sequence of numbers
  • a reversal, that is to say a backward iteration in which x_m is to be determined from knowledge of x_{m+1}, is not possible at all or only with very great effort.
  • An example of such a one-way function is the discrete logarithm modulo a prime number p.
  • a "trapdoor function" is an iterated one-way function which allows its inversion by using a special solution mechanism (said "trapdoor").
  • a second instance e.g. a key
  • a first instance e.g. a lock
  • the second instance sends a component to the first instance; the first instance in turn answers with another component and thus authenticates itself to the second instance (mechanism of one-sided authentication).
  • authentication methods place high demands on a storage space to be made available.
  • the object of the invention is to provide a method for authentication, whereby extremely low demands are made on a storage space to be provided.
  • an authentication method which comprises the following steps:
  • a first component is transmitted from a first instance to a second instance.
  • a second component is determined from the transmitted first component by means of a backward iteration with a special solution mechanism (the trapdoor described) and transmitted to the first instance.
  • the second component, in a sequence of values which are determined by the backward iteration or the inverse iterated one-way function, represents a predecessor component of the first component.
  • the described transmissions can optionally be connectionless, e.g. via radio or by induction, or e.g. done connection-oriented via a cable.
  • a decisive advantage of the method described is that only a few components have to be kept in the memory, and the memory can therefore be dimensioned accordingly small.
  • An iteration that is to say repeated authentication of the second instance with respect to the first instance, is preferably achieved in that after carrying out steps a) to d) the second component is set equal to the first component and the method is continued with step a).
  • An embodiment of the method is the implementation of a predetermined action, e.g. starting a vehicle from the first instance after the second instance has successfully authenticated.
  • a further development consists in that the iterated one-way function is determined by
  • n is an integer
  • mod is the modulo operator, x1 the first component and x2 the second component.
  • Said solution mechanism is that the second instance knows the prime numbers from which the number n is composed.
  • the number n is preferably determined by
  • the first instance is an electronic lock and the second instance is an electronic key.
  • the method can be used in an immobilizer for a vehicle.
  • Fig. 1 shows a block diagram comprising steps of a method for authentication
  • Fig.2 is a sketch that symbolically represents an arrangement of lock and key.
  • a block diagram is shown, which comprises steps of a method for authentication.
  • a second instance 102 preferably a key
  • a first instance 101 preferably a lock.
  • the first instance 101 is aware of a component K_i (cf. step 103).
  • This component K_i is transmitted to the second instance 102 in a step 105 and the component K_i is received in a step 106 on the second instance 102.
  • a component K_{i-1} preceding the component K_i is now determined on the second instance in a step 107 and transmitted to the first instance 101 in a step 108.
  • the solution mechanism ("trapdoor") is used in step 107 in order to calculate the four roots of the first component K_i. Again through this solution mechanism one arrives at the root which is itself a square. One has thus found the predecessor component K_{i-1} of the component K_i.
  • After the transmission (cf. step 108), the component K_{i-1} is received by the first instance 101 in a step 109. In a subsequent step 110, it is checked whether the received component K_{i-1} correctly authenticates the second instance 102. For this purpose, the component K_{i-1} is used as input for an iterated one-way function and the result is compared with the component K_i. If the result is not the same as the component K_i, a step 111 indicates that the authentication of the second instance 102 to the first instance 101 has failed, and the procedure is ended (see step 112). Otherwise, the second instance 102 is successfully authenticated to the first instance 101 in a step 113. In a step 114, the component K_{i-1} becomes the new component K_i and the method continues with step 103.
  • in step 107 the predecessor component K_{i-1} is to be determined:
  • the number sought is 25 and is transmitted to the first instance as a second component.
  • FIG. 2 shows a sketch which symbolically represents an arrangement of lock and key. This arrangement is preferably used in an immobilizer of a motor vehicle.
  • a lock 201 requires authentication of a key 202 via a predetermined communication channel 203. The information transmitted on the communication channel can be found in the flow chart from FIG.
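
The lock/key rounds of Fig. 1, as an added Python example that is not part of the patent text. The function f(x) = x² mod n with n = p·q and p ≡ q ≡ 3 (mod 4) is an assumption, since the formulas did not survive on this page; the toy primes, the seed and all function names are constructed for illustration.

```python
"""Lock/key rounds from the description, assuming f(x) = x^2 mod n."""

# Constructed toy parameters (assumptions, not from the patent): two primes
# p, q with p ≡ q ≡ 3 (mod 4). Real use needs primes of cryptographic size.
P, Q = 10007, 10039
N = P * Q
SEED = 123456  # constructed; its square is the lock's first component


def forward(x, n=N):
    """Forward iteration, computable by anyone who knows n."""
    return pow(x, 2, n)


def four_roots(k, p=P, q=Q):
    """All four square roots of k mod p*q; needs the trapdoor (p, q)."""
    rp = pow(k, (p + 1) // 4, p)  # a root of k mod p, valid as p ≡ 3 (mod 4)
    rq = pow(k, (q + 1) // 4, q)
    cp = q * pow(q, -1, p)        # CRT weight: 1 mod p, 0 mod q
    cq = p * pow(p, -1, q)        # CRT weight: 0 mod p, 1 mod q
    return sorted({(sp * cp + sq * cq) % (p * q)
                   for sp in (rp, p - rp) for sq in (rq, q - rq)})


def is_square(x, p=P, q=Q):
    """Euler's criterion modulo both primes."""
    return pow(x, (p - 1) // 2, p) == 1 and pow(x, (q - 1) // 2, q) == 1


def predecessor(k, p=P, q=Q):
    """Backward iteration (step 107): the root of k that is itself a square."""
    return next(r for r in four_roots(k, p, q) if is_square(r, p, q))


class Lock:
    """First instance: stores only n and the current component K_i."""

    def __init__(self, n, k):
        self.n, self.k = n, k

    def challenge(self):          # steps 103 and 105
        return self.k

    def verify(self, response):   # steps 109 to 114
        if not 0 < response < self.n or forward(response, self.n) != self.k:
            return False          # step 111: authentication failed
        self.k = response         # step 114: K_{i-1} becomes the new K_i
        return True


def run_rounds(rounds=5):
    """Return (K_i, K_{i-1}, accepted) for consecutive authentications."""
    lock = Lock(N, forward(SEED))
    log = []
    for _ in range(rounds):
        k_i = lock.challenge()
        k_prev = predecessor(k_i)  # computed on the key, which holds p and q
        log.append((k_i, k_prev, lock.verify(k_prev)))
    return log


if __name__ == "__main__":
    for k_i, k_prev, ok in run_rounds():
        print(f"lock sends {k_i:>9}  key answers {k_prev:>9}  accepted={ok}")
```

The lock holds only n and one component, which is the small-memory property the description claims; the factors p and q exist only on the key.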

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mechanical Engineering (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The invention relates to a method that enables authentication of a first instance (key) with respect to a second instance (lock). To this end, a first component of a sequence of numbers determined by an iterated one-way function is transmitted from the lock to the key. Using a trapdoor, the key determines the predecessor component and sends it back to the lock. The lock checks whether the predecessor component is correct. If so, the key is successfully authenticated to the lock; otherwise the authentication fails.
PCT/DE1999/001234 1998-04-29 1999-04-26 Procede d'authentification WO1999055991A2 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP99927720A EP1078139A2 (fr) 1998-04-29 1999-04-26 Procede d'authentification
JP2000546123A JP2002513220A (ja) 1998-04-29 1999-04-26 認証方法

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE19819232.0 1998-04-29
DE19819232 1998-04-29

Publications (2)

Publication Number Publication Date
WO1999055991A2 true WO1999055991A2 (fr) 1999-11-04
WO1999055991A3 WO1999055991A3 (fr) 1999-12-16

Family

ID=7866225

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/DE1999/001234 WO1999055991A2 (fr) 1998-04-29 1999-04-26 Procede d'authentification

Country Status (3)

Country Link
EP (1) EP1078139A2 (fr)
JP (1) JP2002513220A (fr)
WO (1) WO1999055991A2 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2100190A (en) * 1981-06-05 1982-12-22 Grey Lab Establishment Protecting and checking documents
GB2102606A (en) * 1981-06-19 1983-02-02 Nat Res Dev Apparatus and methods for making payments electronically
FR2536928A1 (fr) * 1982-11-30 1984-06-01 France Etat Systeme pour chiffrer et dechiffrer des informations, du type utilisant un systeme de dechiffrement a cle publique
EP0628935A1 (fr) * 1993-06-08 1994-12-14 Bull Cp8 Procédé d'authentification d'un objet portatif par un terminal hors ligne, objet portatif et terminal correspondants
WO1997030424A1 (fr) * 1996-02-15 1997-08-21 Misko, Patrick Procede pour faire autoriser par un serveur l'acces a un service a partir de dispositifs portatifs a microcircuits electroniques du type carte a memoire par exemple

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
B. SCHNEIER: "APPLIED CRYPTOGRAPHY" 15. Juli 1996 (1996-07-15) , JOHN WILEY & SONS , US, NEW-YORK XP002118968 218930 Seite 475, Absatz 19.5 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1172776A2 (fr) * 2000-07-15 2002-01-16 ED Vision (Holdings) Limited Procédé d'authentification certifiée
EP1172776A3 (fr) * 2000-07-15 2002-10-16 ED Vision (Holdings) Limited Procédé d'authentification certifiée
WO2002021469A2 (fr) * 2000-09-05 2002-03-14 Ed Vision (Holdings) Limited Procede d'authentification interactive
WO2002021469A3 (fr) * 2000-09-05 2002-11-28 Ed Vision Holdings Ltd Procede d'authentification interactive
FR2834578A1 (fr) * 2002-01-04 2003-07-11 Somfy Procede d'authentifications successives d'une unite par une autre

Also Published As

Publication number Publication date
EP1078139A2 (fr) 2001-02-28
JP2002513220A (ja) 2002-05-08
WO1999055991A3 (fr) 1999-12-16

Similar Documents

Publication Publication Date Title
DE69920875T2 (de) Vorrichtung und Verfahren zum Berechnen einer digitalen Unterschrift
DE60006147T2 (de) Schlüsselzustimmungsprotokoll mit getrennten Schlüsseln
EP0472714B1 (fr) Procede d'authentification d'un utilisateur utilisant une station de donnees
DE69333068T2 (de) Verfahren zur ausdehnung der gültigkeit eines kryptographischen zertifikats
EP3110101A1 (fr) Procede de protection de manipulation de paquets de donnees utiles a transmettre par un systeme de bus entre des composants systeme
DE60017845T2 (de) Minimierung der diskontinuierlichen Übertragung in einem Mobiltelekommunikationssystem
DE69934403T2 (de) Verfahren und vorrichtung zur digitalen kanalisierung und dekanalisierung
DE19718827C2 (de) Verfahren und Vorrichtung zum Authentisieren von Mobilfunkteilnehmern
EP1368929A2 (fr) Procede d'authentification
DE69735290T2 (de) Verfahren zur unsymmetrischen kryptographischen kommunikation und zugehöriger tragbarer gegenstand
DE60207860T2 (de) Verfahren und einrichtung zur bereitstellung von zeitsteuerungsinformationen in einem drahtlosen kommunikationssystem
EP0602319A1 (fr) Procédé pour assurer un appareil radio-électrique mobile contre l'emploi non-autorisé
DE10110049A1 (de) Verfahren und Vorrichtung zur Datenverschlüsselung bei der Programmierung von Steuergeräten
EP0739108B1 (fr) Procédé pour signer un message utilisant une cryptographie à clé publique
EP1078139A2 (fr) Procede d'authentification
EP2730050B1 (fr) Procédé de création et de vérification d'une signature électronique par pseudonyme
DE102004049026B4 (de) Verfahren zur Authentifizierung von Elementen einer Gruppe
DE102006013515A1 (de) Kryptographisches Verfahren mit elliptischen Kurven
EP1604505B1 (fr) Chargement de donnees mediatiques sur un support de donnees portable
EP2337293B1 (fr) Dispositifs, procédés et signaux de codage OFDM
EP1232599B1 (fr) Dispositif pour generer un signal de controle module numeriquement
EP1349405A1 (fr) Procédé pour le téléchargement de logiciel vers un appareil de communication mobile
DE60300278T2 (de) Verfahren zur Übertragung von Signalisierungsinformation in einem Mehrträgerfunkübertragungsnetzwerk
EP1116358A1 (fr) Procede d'authentification d'au moins un abonne lors d'un echange de donnees
DE102004064108B4 (de) Verfahren und Schaltung zum Begrenzen der Leistung eines aus spreizkodierten Signalen zusammengesetzten Signals

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): JP US

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

AK Designated states

Kind code of ref document: A3

Designated state(s): JP US

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 1999927720

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 09674218

Country of ref document: US

WWP Wipo information: published in national office

Ref document number: 1999927720

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1999927720

Country of ref document: EP