WO2005013551A1 - Method and security system for recognizing an unfalsified subscriber identity at a recipient - Google Patents

Method and security system for recognizing an unfalsified subscriber identity at a recipient

Info

Publication number
WO2005013551A1
WO2005013551A1 PCT/EP2004/007728 EP2004007728W WO2005013551A1 WO 2005013551 A1 WO2005013551 A1 WO 2005013551A1 EP 2004007728 W EP2004007728 W EP 2004007728W WO 2005013551 A1 WO2005013551 A1 WO 2005013551A1
Authority
WO
WIPO (PCT)
Prior art keywords
subscriber
originating
identity
key
participant
Prior art date
Application number
PCT/EP2004/007728
Other languages
German (de)
English (en)
Inventor
Georg Krause
Rudy Hartono
Original Assignee
Georg Krause
Rudy Hartono
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Georg Krause, Rudy Hartono
Priority to EP04763193A (EP1647108A1)
Publication of WO2005013551A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/126 Applying verification of the received information the source of the received data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Definitions

  • the invention relates to a method and a security system for recognizing an unadulterated identity of a subscriber sending a message to a subscriber receiving this message, the subscribers being able to be connected to one another via a computer network, in particular the public Internet.
  • the invention is also directed to a registration device for use in the security system.
  • the regular falsification of sender addresses means that, for example, unwanted e-mail advertising mailings at the recipient cannot be effectively suppressed using filter techniques. As a result, the proportion of unwanted information increases rapidly and storage capacity is thus occupied.
  • existing network protocols such as the Internet protocol or the protocols used for e-mail, there are none
  • the invention is therefore based on the object of providing a method, a security system and a registration device by means of which it is possible to recognize at the recipient of a message that the identity of the message sender has not been falsified.
  • a method for recognizing an unadulterated identity of a subscriber sending a message to a subscriber receiving this message is then provided. Participants can be connected to each other via a computer network. The process has the following steps:
  • the individual identities of several participants are stored in at least one registration facility; at least one individual participant key is generated for each participant; before the start of the transmission of a message from an originating participant to at least one target participant, it is checked whether the individual identities of the originating and target participants are stored in the at least one registration device; if so, the identity of the originating subscriber is encrypted with the individual subscriber key of the target subscriber and a first encrypted value is formed; the first encrypted value is transmitted to the originating participant; a message, the identity of the originating party and the first encrypted value are sent from the originating party to the destination party; the first encrypted value is decrypted using the target subscriber's individual subscriber key in order to obtain the .
  • the decrypted identity of the originating participant is compared to the unencrypted transmitted identity of the originating party; if the compared identities match, the received message is forwarded for further processing. This ensures that only messages received from an originating participant with a genuine identity are passed on for further processing, e.g. for storage or output on a display.
  • the message is appropriately secured, for example encrypted.
  • the invention achieves this by the following steps: If the comparison shows that the individual identities sent by the originating participant, namely the identity of the originating and destination participant, are stored in the at least one registration device, a cryptographic key is generated; the cryptographic key is associated with the identity of the originating subscriber, wherein the obtained value is then encrypted with the individual subscriber key of the destination subscriber, and forms the first encrypted value; the cryptographic key is encrypted with the individual subscriber key of the originating subscriber and forms a second encrypted value; the first and second encrypted values are transmitted to the originating party; the originating party decrypts the second encrypted value with the originating party's individual subscriber key to obtain the cryptographic key; the message to be sent is secured, for example encrypted, using the cryptographic key; the secured message, the identity of the originating party and the first encrypted value are sent from the originating party to the destination party; the first encrypted value is decrypted with
  • the degree of security of the method can be increased in that the useful life of the cryptographic key for the originating participant and/or the target participant is limited in time.
  • the time of generation of the cryptographic key is determined and saved.
  • the use of the cryptographic key by the originating and / or target subscriber is blocked after a predetermined period of time with reference to the determined point in time.
  • the method can also be used if the origin and destination participants are assigned to different registration facilities.
  • the originating participants send the individual identities of the originating and destination participants to the registration device assigned to them before the transmission of a message; it is then checked whether the individual identities of the origin and destination participants are stored in this registration device; if only the individual identity of the originating participant is stored, the registration device is searched in which the identity of the target participant is stored.
  • with the method it is possible to determine, on the recipient side, the participants whose sent messages are to be specifically discarded or accepted. In this way, junk advertising (spam) sent by e-mail can be intercepted in a targeted manner.
  • predetermined identities of other participants are stored in the participants, whose sent messages are rejected or forwarded to a corresponding target participant.
  • the identities are preferably subscriber addresses, in particular e-mail addresses.
  • the cryptographic key can be generated according to a conventional random algorithm.
  • the security system comprises a communication network, in particular a public computer network, at least two participants who can act as origin and / or destination participants and are connected to the communication network, and at least one registration device assigned to the participants.
  • the registration device has the following features: at least one subscriber connection interface, a storage device in which at least the identity of a subscriber is stored, a device for generating individual subscriber keys in response to the at least one stored identity and for sending the individual subscriber keys to the associated subscribers , a device for comparing the identity sent by a source and / or destination with the stored identities, a first device for encrypting the identity of the source with the individual
  • the originating subscriber having the following features: a device for communication with the registration device and the target subscriber, the target subscriber having the following features: a device for decrypting the first encrypted value with the individual Subscriber key of the target subscriber in order to obtain the decrypted identity of the originating subscriber, a device for comparing the decrypted identity of the originating subscriber with the unencrypted transmitted identity of the originating subscriber, a device for further processing a message received from the originating subscriber if the compared identities match.
  • the originating participant is connected to the communication network via the communication device, so that a connection is made both to the destination participant and to the registration device via the communication network.
  • the communication device can have two separate interfaces which connect the originating participant to the communication network and to the registration device.
  • In order to be able to transmit a secure, preferably encrypted message from the originating participant to the target participant, the registration device also has: a device for generating a cryptographic key, a device for linking the cryptographic key
  • the first encryption device being designed to encrypt the value supplied by the linking device with the individual subscriber key of the target subscriber and delivering the first encrypted value
  • a second encryption device for generating a second encrypted value by encrypting the cryptographic key with the individual subscriber key of the originating participant
  • the originating subscriber having the following further features: a device for decrypting the second encrypted value with its individual subscriber key in order to obtain the cryptographic key; means for securing a message to be sent using the cryptographic key, the communication means (110, 115) for sending the secured message, the identity of the
  • an unlocking device, for example a decryption device, for unlocking the received message using the cryptographic key, the decryption device being designed to decrypt the first encrypted value using the individual subscriber key in order to obtain the decrypted identity of the originating subscriber and the cryptographic key.
  • the time-limited use of the cryptographic key is achieved in that the registration device has the following further features: a device for determining the point in time at which the cryptographic key was generated, the linking device being designed to link the cryptographic key with the identity of the originating party and the time, wherein the at least one registration device, the originating and/or the destination participants have a device for calculating the expiry of a predetermined period of time with reference to the determined point in time.
  • the target subscriber has a device for discarding a received message.
  • This device expediently responds to the expiry of the useful life of the cryptographic key and/or a mismatch between the identity of the decrypted in the target participant
  • the registration device can have an interface for connecting to at least one further registration device and a device for searching the registration device, which is assigned to the target subscriber or in which the target subscriber is registered by his identity.
  • the registration device has at least one subscriber connection interface, a storage device in which at least the identity of a subscriber is stored, a device for generating individual subscriber keys in response to the at least one stored identity and for sending the individual subscriber keys to the associated participants, a device for comparing the identity sent by a source and/or destination participant with the stored identities and a first device for encrypting the identity of the originating participant with the individual participant key of the target participant, so that a first encrypted value is created which is intended for the originating participant.
  • the registration device advantageously contains a device for generating a cryptographic key, a device for linking the cryptographic key to the identity of the originating subscriber, the first encryption device for encrypting the value supplied by the linking device with the individual subscriber key of the target subscriber and delivering the first encrypted value
  • a second encryption device for generating a second encrypted value by encrypting the cryptographic key with the individual subscriber key of the originating subscriber.
  • the registration device can also have a device for determining the point in time at which the cryptographic key (K s ) was generated.
  • the linking device is then designed to link the cryptographic key with the identity of the originating participant and the time.
  • the registration device can have a device for calculating the expiry of a predetermined period of time in relation to the determined point in time and a device for blocking the use of the cryptographic key.
  • Fig. 1 shows a schematic representation of the security system according to the invention
  • Fig. 2 shows the block diagram of a registration device 30/40 shown in Fig. 1, in which the invention is implemented
  • Fig. 3 shows the block diagram of the originating participant shown in Fig. 1, in which the invention is implemented
  • Fig. 4 shows the block diagram of the target subscriber shown in Fig. 1, in which the invention is implemented.
  • FIG. 1 shows a security system which, as a computer network, comprises, for example, the public Internet 50 and two computers 10 and 20 connected to it.
  • the security system also includes two registration devices 30 and 40; the registration device 30 is connected to the computer 10, whereas the registration device 40 is connected to the computer 20.
  • the registration device 30, the computer 10, the registration device 40 and the computer 20 can be connected to one another via the Internet 50.
  • several computers can be connected to the Internet, several registration devices can be connected to each other, and several computers can be assigned to one registration device. The interconnected registration devices 30 and 40 can be part of an intelligent network that is superior to the Internet. For the present example, assume that the computer 10 acts as the originating participant of a message and the computer 20 acts as the target subscriber of the message.
  • the structure of the registration devices 30 and 40 is shown in FIG. 2.
  • the registration devices 30 and 40 have an interface 80, via which they can communicate with the computer 10 or with the computer 20, also shown in FIG. 1 as subscriber A and subscriber B. Data can be transmitted in encrypted form between the registration device 30 and the computer 10 or between the registration device 40 and the computer 20.
  • a memory 60 is connected to the interface 80, in which the identity ID A of the computer 10, for example an e-mail address, the period of use n for using a cryptographic key K s and the subscriber keys can be stored.
  • the memory 60 was represented by two devices, each of which is provided with the reference number 60.
  • a comparator 260 is connected to the interface 80 and the memory 60 in order to be able to compare the identities ID A of the computer 10 and ID B of the computer 20 supplied by the computer 10 with the identities stored in the memory 60.
  • a search device 250 is connected to an interface 100 and the comparator 260 in order, in the event that the identity ID B of the target computer 20 is not stored in the memory 60, to search the registration device, in the present case the registration device 40, in which the identity ID B of the computer 20 is stored.
  • a linking device 190 is connected on the input side to the memory 60 and a key generator 180 and on the output side to an encryption device 200.
  • a timer 230, which determines the time of generating a cryptographic key K s, is connected to the key generator 180.
  • the timer 230 may be connected to a timing calculator 270 connected to the memory 60 to determine when the
  • a subscriber key generator 70 is connected to the memory 60 and an encryption device 205.
  • the subscriber key generator 70 generates at least one individual subscriber key for each computer whose identity is stored in the memory 60.
  • a subscriber key K A is generated for the computer 10, which can be transmitted to the computer 10 via a secure connection.
  • registration device 40 generates one
  • the subscriber keys are stored in the memory 60.
  • the encryption device 200 is also connected to the memory 60 and the interface 80.
  • the encryption device 205 is connected to the subscriber key generator 70 and the key generator 180.
  • the interface 80 is also connected to the interface 100.
  • the registration devices 30 and 40 are connected to one another via respective interfaces 100.
  • FIG. 3 schematically shows the transmitting part of the computer 10
  • FIG. 4 schematically shows the receiving part of the computer 20. It is obvious that both computers 10 and 20 can contain both a transmitting and a receiving part.
  • the special representation in FIGS. 3 and 4 was chosen only to reflect the exemplary use of the computer 10 as a message sender and the exemplary use of the computer 20 as a message recipient.
  • the computer 10 is connected to the registration device 30 via an interface 115 and to the Internet 50 via an interface 110.
  • the computer 10 contains a decryption device 210, an encryption device 230 connected thereto for encrypting a message m to be sent and a key memory 220 which can be connected to the decryption device and the encryption device 230.
  • the encryption device 230 is a possible implementation of a security device.
  • the computer 20 has an interface 120 for connection to the Internet 50 and an interface 130 for communication with the Internet 50
  • a decryption device 140 and a comparator 160 are connected to the interface 120.
  • a further decryption device 145 is connected to a decision maker 240, the decryption device 140, the interface 120 and a display 170 for displaying the decrypted message m.
  • the display 170 is also connected to the decision maker 240 and the comparator 160.
  • a key store 150 is connected to the decryption device 140 and the interface 120.
  • the security system works in two stages, a registration phase with the registration devices 30 and 40 and an operating phase.
  • the registration phase begins with the identity ID A of the computer 10 in the memory 60 of the
  • the subscriber key generator 70 then creates a subscriber key K A for the computer 10.
  • the subscriber key K A is stored in the memory 60 and is preferably encrypted and only transmitted to the computer 10 via the interface 80 and there in the
  • the registration device 40 then creates a subscriber key K B for the computer 20.
  • the subscriber key K B is stored in the memory 60 of the registration device 40 and is preferably transmitted only in encrypted form via the interface 80 to the computer 20 and stored there in a key memory 150. The computers 10 and 20 can agree with the registration device 30 or 40 which encryption method is used for the subsequent operating phase. As already mentioned, the identities of the respectively registered computers, the subscriber keys and the encryption method are stored in the registration devices 30 and 40.
  • the computer 10 wants to send a message m to the computer 20.
  • the computer 10 sends a request to the registration device 30 stating its own identity ID A and the identity ID B of the computer 20 in order to obtain a connection to the computer 20 via the Internet 50.
  • the identities of the computers can be the e-mail addresses. Exactly the same identity information that was already used when registering the computers 10 and 20 in the registration device 30 and 40 must be used.
  • After receiving identities ID A and ID B, comparator 260 of registration device 30 checks whether identity ID A of computer 10 is stored in memory 60. If the computer 10 is not registered, the connection request to the computer 20 is rejected and the computer 10 receives a corresponding message. However, in the present case, the comparator 260 confirms that the computer 10 is registered in the registration device 30 and further checks whether the computer 20 is also registered, i.e. whether the identity ID B is contained in the memory 60 of the registration device 30. This is not the case in the present example.
  • the search device 250 of the registration device 30 initiates a search for the registration device in which the computer 20 is registered.
  • the search device 260 can use the specified identity ID B of the computer 20 to find the registration device 40 in which the computer 20 is registered.
  • the identities ID A and ID B of the computers 10 and 20 are transmitted to the respective registration device for checking that they match the respectively stored identities. The search can be carried out until the registration device in which the computer 20 is registered is found. As soon as the registration device 40 receives the identities ID A and ID B from the registration device 30, the comparator 260 of the registration device 40 checks whether the identity ID B is stored in the memory 60.
  • Since the computer 20 is registered in the registration device 40, the key generator 180 of the registration device 40 generates a random key K s.
  • the timer 230 of the registration device 40 determines a time stamp t which corresponds to the time at which the random key was generated.
  • the random key K s is now linked to the identity ID A of the computer 10 and the time stamp t by an algorithm in the linking device 190 of the registration device 40.
  • the algorithm for the linkage is of minor importance and in the simplest case can consist of joining the values together.
  • the linkage value thus formed can be stored in the memory 60 of the registration device 40.
  • the link value is encrypted in the encryption device 200 of the registration device 40 with the aid of the subscriber key K B of the computer 20 and results in the value r.
  • r function E (Ks
  • Random key K s and, optionally, the useful life n of the random key K s stored in the memory 60 are sent to the registration device 30 in a confidential manner, usually encrypted.
  • the random key K s cannot be found out on the transmission path.
  • the random key K s is linked to the usage time n.
  • the value s is decrypted using the subscriber key K A of the computer 10 in order to obtain the random key K s and the useful life n.
  • the useful life n indicates how long the random key K s can be used. The following applies:
  • the message m to be transmitted is now encrypted in the encryption device 230 with the random key K s , as a result of which the value v is formed.
  • the processed message v with the unencrypted identity ID A of the sending computer 10 and the value r is now sent to the computer 20 via the Internet 50.
  • the computer 20 receives the information v, ID A and r.
  • the value r is decrypted in the decryption device 140 using the subscriber key K B stored in the subscriber key memory 150.
  • t function D (r, K B )
  • the decrypted value of ID A and the unencrypted value of ID A are now compared in comparator 160. If the values are not identical, the identity ID A of the computer 10 has been manipulated. The result is fed to the decision maker 240, who causes further processing, for example the decryption of the message m, not to be carried out or terminated in the decryption device 145. A manipulated sender identity was thus discovered.
  • the decision maker 240 optionally checks, based on the transmitted useful life n and the determined point in time at which the random key K s was generated, whether the useful life n, relative to the determined time stamp t of the generation of the random key K s, has been exceeded. If this is the case, the further processing of the encrypted message m is canceled by the decision maker 240 because the key K s is too old.
  • the expiry of the usage time n of the key K s can also be determined by the time expiry calculator 270 of the registration devices 30 and 40, whereupon the respective registration device blocks the use of the random key K s and deletes the key.
  • the expiration of the useful life can also be determined in the sending computer 10.
  • the decryption device 145 is released by the decision maker 240 to apply the function D with the key K s to the encrypted message v.
  • the function D represents a decryption, a key-dependent hash code check, a check of an encrypted hash code or a check of an encrypted MAC.
  • 140 decryption device for decrypting the first value r with the subscriber key K B
  • 145 decryption device for decrypting an encrypted message using the key K s
  • 150 key memory for storing the keys
  • 160 comparator for comparing the decrypted ID A with the unencrypted transmitted ID A
  • 170 display
  • 210 decryption device for decrypting a second value s using the subscriber key K A to obtain the key K s
  • 220 key memory for storing the keys
  • 230 encryption device for encrypting a message m with the key K s
  • 240 decision-maker for activating or deactivating the decryption device 145 and the display 170
  • 250 search device
  • 260 comparator for comparing the received ID A and ID B with the content of the memory 60
  • 270 timing calculator
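
The operating phase described above (the registration device issues r and s, the sender forms v, the receiver compares ID A and checks the useful life n), as an added Python example that is not part of the patent text. It assumes a single registration device holding both subscribers, an HMAC-SHA256 stream cipher with a tag as a stand-in for the unspecified functions E and D, and that n is carried inside r; all class and function names are illustrative.

```python
# Added illustration of the r/s token flow; not code from the patent.
import hashlib, hmac, json, secrets, time

def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode; a stand-in for whatever cipher is agreed.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, b"enc" + nonce + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return out[:length]

def E(key, plaintext):
    """Stand-in for E: stream encryption followed by an HMAC tag."""
    nonce = secrets.token_bytes(16)
    ks = _keystream(key, nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def D(key, blob):
    """Stand-in for D: check the tag, then decrypt; ValueError on failure."""
    if len(blob) < 48:
        raise ValueError("value too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified value")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class RegistrationDevice:
    def __init__(self, lifetime_n=300):
        self.memory = {}              # memory 60: identity -> subscriber key
        self.lifetime_n = lifetime_n  # useful life n of K_s, in seconds

    def register(self, identity):
        self.memory[identity] = secrets.token_bytes(32)  # key generator 70
        return self.memory[identity]  # handed over on a secure connection

    def issue(self, id_a, id_b, now=None):
        if id_a not in self.memory or id_b not in self.memory:  # comparator 260
            raise PermissionError("originating or target subscriber not registered")
        t = time.time() if now is None else now   # timer 230
        k_s = secrets.token_bytes(32).hex()       # key generator 180
        # Linking device 190. Assumption: n travels inside r so the
        # target can check expiry without a further lookup.
        link = {"k_s": k_s, "id_a": id_a, "t": t, "n": self.lifetime_n}
        r = E(self.memory[id_b], json.dumps(link).encode())   # first value
        grant = {"k_s": k_s, "n": self.lifetime_n}
        s = E(self.memory[id_a], json.dumps(grant).encode())  # second value
        return r, s

def send(k_a, id_a, r, s, message):
    grant = json.loads(D(k_a, s))                 # decryption device 210
    v = E(bytes.fromhex(grant["k_s"]), message)   # encryption device 230
    return {"v": v, "id_a": id_a, "r": r}

def receive(k_b, packet, now=None):
    link = json.loads(D(k_b, packet["r"]))        # decryption device 140
    claimed = packet["id_a"].encode()
    if not hmac.compare_digest(link["id_a"].encode(), claimed):  # comparator 160
        raise ValueError("sender identity manipulated")
    now = time.time() if now is None else now
    if now > link["t"] + link["n"]:               # decision maker 240
        raise ValueError("key K_s expired")
    return D(bytes.fromhex(link["k_s"]), packet["v"])  # decryption device 145

def demo():
    reg = RegistrationDevice(lifetime_n=300)
    a, b = "a@example.org", "b@example.org"       # constructed identities
    k_a, k_b = reg.register(a), reg.register(b)
    r, s = reg.issue(a, b, now=1000.0)
    pkt = send(k_a, a, r, s, b"hello")
    cases = {"genuine": (pkt, 1010.0),
             "forged": (dict(pkt, id_a="x@example.org"), 1010.0),
             "expired": (pkt, 2000.0)}
    out = {}
    for name, (p, when) in cases.items():
        try:
            out[name] = receive(k_b, p, when)
        except ValueError as err:
            out[name] = str(err)
    return out

if __name__ == "__main__":
    print(demo())
```

Because r is bound to ID A under K B, a sender who changes the cleartext identity cannot produce a matching r without the target's subscriber key.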

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a method and a security system for recognizing an unfalsified identity of a subscriber sending a message at a subscriber receiving this message, the subscribers being connectable via a computer network, in particular the Internet. The invention also relates to a registration device for use in the security system according to the invention. The invention aims in particular to provide the recipient of advertising sent by e-mail (junk mail) with an improved mechanism for blocking such messages. To this end, the subscribers (10, 20) are registered in the registration device (30, 40), and a method is implemented that allows the recipient of a message to check the sender's identity with regard to its integrity.
PCT/EP2004/007728 2003-07-18 2004-07-13 Method and security system for recognizing an unfalsified subscriber identity at a recipient WO2005013551A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP04763193A EP1647108A1 (fr) 2003-07-18 2004-07-13 Method and security system for recognizing an unfalsified subscriber identity at a recipient

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE2003133048 DE10333048A1 (de) 2003-07-18 2003-07-18 Method and security system for recognizing an unfalsified subscriber identity at a receiver
DE10333048.8 2003-07-18

Publications (1)

Publication Number Publication Date
WO2005013551A1 (fr) 2005-02-10

Family

ID=33560236

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2004/007728 WO2005013551A1 (fr) 2003-07-18 2004-07-13 Method and security system for recognizing an unfalsified subscriber identity at a recipient

Country Status (3)

Country Link
EP (1) EP1647108A1 (fr)
DE (1) DE10333048A1 (fr)
WO (1) WO2005013551A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0946022A2 (fr) * 1998-03-26 1999-09-29 Nippon Telegraph and Telephone Corporation Electronic mail access control scheme for a communication network using an identification concealment device
EP1162781A2 (fr) * 2000-06-09 2001-12-12 TRW Inc. System and method for generating a signature certificate in a public key infrastructure

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
R. HOUSLEY, W. FORD, W. POLK, D. SOLO: "Internet X.509 Public Key Infrastructure Certificate and CRL Profile", INTERNET ARTICLE, January 1999 (1999-01-01), XP015008243 *
S. KENT, BBN, IAB IRTF PSRG, IETF PEM: "Privacy Enhancement for Internet Electronic Mail: Part II: Certificate -based Key Management", INTERNET ARTICLE, February 1993 (1993-02-01), XP015007209 *

Also Published As

Publication number Publication date
EP1647108A1 (fr) 2006-04-19
DE10333048A1 (de) 2005-02-03

Similar Documents

Publication Publication Date Title
DE3303846C2 (fr)
DE60114986T2 (de) Method for issuing an electronic identity
DE69917803T2 (de) Message identification with confidentiality, integrity and origin authentication
EP0903026A1 (fr) Method for cryptographic key management between a first computer unit and a second computer unit
DE10244727B4 (de) System and method for secure data transmission
EP0903027A1 (fr) Method for group-based cryptographic key management between a first computer unit and the computer units of a group
EP2082521A1 (fr) Method for producing a symmetric key protecting a key management protocol
EP3949309B1 (fr) Digital certificate and secure method for providing a public key
EP1709764A1 (fr) Circuit arrangement and method for securing communication within communication networks
EP1865675A1 (fr) Method and system for filtering electronic messages
DE102012106177A1 (de) Secure transmission method
DE102019109341B4 (de) Method for the secure exchange of encrypted messages
EP3591925B1 (fr) Encryption system for untrusted environments
WO2005013551A1 (fr) Method and security system for recognizing an unfalsified subscriber identity at a recipient
WO2020144123A1 (fr) Method and system for transmitting information
DE102006009725A1 (de) Method and device for authenticating a public key
WO2004064316A1 (fr) Telecommunication-assisted time stamp
EP2037643A1 (fr) Method for transmitting electronic information in a transport network
EP3955511B1 (fr) Secure data transfer in a QKD network node
EP3754931A1 (fr) Method for tamper-proof data transmission
DE10220737B4 (de) Content-related encryption
WO2012007349A1 (fr) Method for transmitting an electronic message via a communication system and associated communication system
EP1626551A1 (fr) Method for ensuring authenticity and confidentiality in a P2P network
WO2018091703A1 (fr) Method and device for securing an electronic data transmission
DE102014204709A1 (de) Method and communication device for message transmission in a communication network that at least partially provides communication connections according to the Internet Protocol "IP"

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2004763193

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2004763193

Country of ref document: EP

DPEN Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101)