DE69221017D1 - Method and apparatus for mutual authentication of users in a communication system - Google Patents

Method and apparatus for mutual authentication of users in a communication system

Info

Publication number
DE69221017D1
Authority
DE
Germany
Prior art keywords
users
communication system
mutual authentication
authentication
mutual
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
DE69221017T
Other languages
English (en)
Other versions
DE69221017T2 (de)
Inventor
Amir Herzberg
Shay Kutten
Marcel Mordechay Yung
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0836 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
DE69221017T 1991-04-01 1992-03-13 Method and apparatus for mutual authentication of users in a communication system Expired - Fee Related DE69221017T2 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US07/678,474 US5202921A (en) 1991-04-01 1991-04-01 Method and apparatus for authenticating users of a communication system to each other

Publications (2)

Publication Number Publication Date
DE69221017D1 (de) 1997-09-04
DE69221017T2 (de) 1998-01-15

Family

ID=24722930

Family Applications (1)

Application Number Title Priority Date Filing Date
DE69221017T Expired - Fee Related DE69221017T2 (de) 1991-04-01 1992-03-13 Method and apparatus for mutual authentication of users in a communication system

Country Status (4)

Country Link
US (1) US5202921A (de)
EP (1) EP0511483B1 (de)
JP (1) JPH07105791B2 (de)
DE (1) DE69221017T2 (de)

Families Citing this family (92)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0535284A1 (de) * 1991-09-30 1993-04-07 International Business Machines Corporation Method and apparatus for extending the connection capability of a communication system
US5557518A (en) 1994-04-28 1996-09-17 Citibank, N.A. Trusted agents for open electronic commerce
US5453601A (en) 1991-11-15 1995-09-26 Citibank, N.A. Electronic-monetary system
US7028187B1 (en) 1991-11-15 2006-04-11 Citibank, N.A. Electronic transaction apparatus for electronic commerce
US5369705A (en) * 1992-06-03 1994-11-29 International Business Machines Corporation Multi-party secure session/conference
JPH07117929B2 (ja) * 1992-08-14 1995-12-18 インターナショナル・ビジネス・マシーンズ・コーポレイション System and method for generating the first message of a connectionless session-oriented protocol
US5677954A (en) * 1993-07-07 1997-10-14 Ntt Mobile Communications Network, Inc. Cryptical control method for personal communication
CA2169449A1 (en) * 1993-08-13 1995-02-23 Frank Thomson Leighton Secret key exchange
US5450491A (en) * 1993-08-26 1995-09-12 At&T Corp. Authenticator card and system
DE69330065T2 (de) * 1993-12-08 2001-08-09 Ibm Method and system for key distribution and authentication in a data transmission system
JP3548215B2 (ja) * 1993-12-22 2004-07-28 キヤノン株式会社 Communication method and system therefor
FR2716323B1 (fr) * 1994-02-14 1996-05-03 France Telecom Secure system for interconnecting local area networks via a public transmission network.
DE4406602C2 (de) * 1994-03-01 2000-06-29 Deutsche Telekom Ag Security system for identifying and authenticating communication partners
DE4406590C2 (de) * 1994-03-01 2001-05-31 Deutsche Telekom Ag System for authenticating callers
AU697013B2 (en) * 1994-04-28 1998-09-24 Citibank, N.A. Methods of enabling secure communications among processing devices in open electronic commerce
US6088797A (en) * 1994-04-28 2000-07-11 Rosen; Sholom S. Tamper-proof electronic processing device
US5544322A (en) * 1994-05-09 1996-08-06 International Business Machines Corporation System and method for policy-based inter-realm authentication within a distributed processing system
JP3454947B2 (ja) * 1994-06-07 2003-10-06 富士通株式会社 Distributed control system for personal communication services
US5475757A (en) * 1994-06-07 1995-12-12 At&T Corp. Secure data transmission method
DE4442357A1 (de) * 1994-11-29 1996-06-05 Deutsche Telekom Ag Method and arrangement for securing data
US5911080A (en) * 1994-11-30 1999-06-08 Samsung Electronics Co., Ltd. Computer system whose power supply is controlled by an identification card and a method of supplying power to the computer system
US5625692A (en) * 1995-01-23 1997-04-29 International Business Machines Corporation Method and system for a public key cryptosystem having proactive, robust, and recoverable distributed threshold secret sharing
DE19511298B4 (de) * 1995-03-28 2005-08-18 Deutsche Telekom Ag Method for granting and withdrawing authorization to receive broadcasts, and decoder
US5742682A (en) 1995-03-31 1998-04-21 Pitney Bowes Inc. Method of manufacturing secure boxes in a key management system
US5745886A (en) * 1995-06-07 1998-04-28 Citibank, N.A. Trusted agents for open distribution of electronic money
DE19523466C1 (de) * 1995-06-28 1997-04-03 Informatikzentrum Der Sparkass Method for mutual authentication of electronic partners with a computer system
US5671280A (en) * 1995-08-30 1997-09-23 Citibank, N.A. System and method for commercial payments using trusted agents
US6286002B1 (en) 1996-01-17 2001-09-04 @Yourcommand System and method for storing and searching buy and sell information of a marketplace
US6119101A (en) 1996-01-17 2000-09-12 Personal Agents, Inc. Intelligent agents for electronic commerce
US20050114218A1 (en) * 1996-01-17 2005-05-26 Privacy Infrastructure, Inc. Third party privacy system
CA2247509A1 (en) * 1996-02-21 1997-08-28 Yoshimi Baba Communication method using common cryptographic key
US6002768A (en) * 1996-05-07 1999-12-14 International Computer Science Institute Distributed registration and key distribution system and method
US6519723B1 (en) * 1996-09-27 2003-02-11 Applied Digital Access, Inc. Firewall performance monitoring and limited access system
US6051501A (en) * 1996-10-09 2000-04-18 Micron Technology, Inc. Method of reducing overetch during the formation of a semiconductor device
US6061790A (en) * 1996-11-20 2000-05-09 Starfish Software, Inc. Network computer system with remote user data encipher methodology
US5905861A (en) * 1996-12-02 1999-05-18 Lovell; William S. Data authentication circuit
US6021496A (en) * 1997-07-07 2000-02-01 International Business Machines Corporation User authentication from non-native server domains in a computer network
US5948064A (en) * 1997-07-07 1999-09-07 International Business Machines Corporation Discovery of authentication server domains in a computer network
US6418466B1 (en) 1997-07-10 2002-07-09 International Business Machines Corporation Management of authentication discovery policy in a computer network
US6076163A (en) * 1997-10-20 2000-06-13 Rsa Security Inc. Secure user identification based on constrained polynomials
US6084967A (en) * 1997-10-29 2000-07-04 Motorola, Inc. Radio telecommunication device and method of authenticating a user with a voice authentication token
US6084968A (en) * 1997-10-29 2000-07-04 Motorola, Inc. Security token and method for wireless applications
US6148342A (en) * 1998-01-27 2000-11-14 Ho; Andrew P. Secure database management system for confidential records using separately encrypted identifier and access request
US6041122A (en) * 1998-02-27 2000-03-21 Intel Corporation Method and apparatus for hiding crytographic keys utilizing autocorrelation timing encoding and computation
US6199113B1 (en) * 1998-04-15 2001-03-06 Sun Microsystems, Inc. Apparatus and method for providing trusted network security
US6968390B1 (en) * 1999-04-15 2005-11-22 International Business Machines Corporation Method and system for enabling a network function in a context of one or all server names in a multiple server name environment
US6275859B1 (en) * 1999-10-28 2001-08-14 Sun Microsystems, Inc. Tree-based reliable multicast system where sessions are established by repair nodes that authenticate receiver nodes presenting participation certificates granted by a central authority
US7792745B2 (en) * 2000-02-25 2010-09-07 Ipass Inc. Method and system to facilitate financial settlement of service access transactions between multiple parties
US20010034693A1 (en) * 2000-02-25 2001-10-25 Jay Farhat Method and system to broker a service access transaction
US7240112B2 (en) * 2000-05-26 2007-07-03 Ipass Inc. Service quality monitoring process
US7519695B2 (en) * 2000-05-26 2009-04-14 Ipass Inc. Service quality monitoring process
US6985945B2 (en) * 2000-12-07 2006-01-10 Ipass, Inc. Service quality monitoring process
AU2001279312A1 (en) * 2000-08-02 2002-02-13 Ipass, Inc. A method and system to customize and update a network connection application fordistribution to mulitple end users
DE10055424A1 (de) * 2000-11-09 2002-05-29 Alcatel Sa Method for storing a security key and multi-computer system for carrying out the method
US6910130B2 (en) * 2000-11-29 2005-06-21 Hideki Imai System for and method of unconditionally secure digital signature
US7921290B2 (en) 2001-04-18 2011-04-05 Ipass Inc. Method and system for securely authenticating network access credentials for users
US20030065919A1 (en) * 2001-04-18 2003-04-03 Albert Roy David Method and system for identifying a replay attack by an access device to a computer system
US7469341B2 (en) * 2001-04-18 2008-12-23 Ipass Inc. Method and system for associating a plurality of transaction data records generated in a service access system
US7761606B2 (en) * 2001-08-02 2010-07-20 Ipass Inc. Method and system to secure a connection application for distribution to multiple end-users
US20030188160A1 (en) * 2001-08-02 2003-10-02 Singam Sunder Method and system to securely update files via a network
JP2005500740A (ja) 2001-08-13 2005-01-06 ザ ボード オブ トラスティーズ オブ ザ リーランド スタンフォード ジュニア ユニバーシティ Systems and methods for ID-based encryption and related cryptographic techniques
US7496751B2 (en) * 2001-10-29 2009-02-24 Sun Microsystems, Inc. Privacy and identification in a data communications network
US20030084302A1 (en) * 2001-10-29 2003-05-01 Sun Microsystems, Inc., A Delaware Corporation Portability and privacy with data communications network browsing
US7085840B2 (en) * 2001-10-29 2006-08-01 Sun Microsystems, Inc. Enhanced quality of identification in a data communications network
US7275260B2 (en) 2001-10-29 2007-09-25 Sun Microsystems, Inc. Enhanced privacy protection in identification in a data communications network
US20030084171A1 (en) * 2001-10-29 2003-05-01 Sun Microsystems, Inc., A Delaware Corporation User access control to distributed resources on a data communications network
GB0126426D0 (en) * 2001-11-03 2002-01-02 Royal Holloway University Of L Authentication of a remote user to a host in a data communication system
JP2005520395A (ja) * 2002-03-13 2005-07-07 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ Polynomial-based multi-user key generation and authentication method and authentication system
US7961884B2 (en) * 2002-08-13 2011-06-14 Ipass Inc. Method and system for changing security information in a computer network
US20030226036A1 (en) * 2002-05-30 2003-12-04 International Business Machines Corporation Method and apparatus for single sign-on authentication
US7979712B2 (en) * 2002-07-01 2011-07-12 International Business Machines Corporation Network system, server and information terminal for list matching
US7657748B2 (en) * 2002-08-28 2010-02-02 Ntt Docomo, Inc. Certificate-based encryption and public key infrastructure
US20050055371A1 (en) * 2003-06-05 2005-03-10 Singam Sunder Method and system to manage a network connection application
US8606885B2 (en) * 2003-06-05 2013-12-10 Ipass Inc. Method and system of providing access point data associated with a network access point
EP1787199A2 (de) * 2004-02-18 2007-05-23 Ipass, Inc. Method and system for managing transactions in a remote network access system
US7539862B2 (en) * 2004-04-08 2009-05-26 Ipass Inc. Method and system for verifying and updating the configuration of an access device during authentication
EP1797668B1 (de) * 2004-09-30 2016-08-03 Koninklijke Philips N.V. Polynomial-based authentication method
CN101032116A (zh) * 2004-09-30 2007-09-05 皇家飞利浦电子股份有限公司 Polynomial-based key distribution system and method
CN101120351B (zh) * 2005-02-18 2010-10-06 Rsa安全公司 Method for distributing derived seeds
CN101194459B (zh) * 2005-06-08 2013-11-27 皇家飞利浦电子股份有限公司 Pre-distributed deterministic keys for mobile body sensor networks
EP1915837B1 (de) * 2005-08-19 2020-04-22 Samsung Electronics Co., Ltd. Method for performing multiple pre-shared key based authentication at once and system for executing the method
US8412937B2 (en) * 2005-12-14 2013-04-02 Koninklijke Philips Electronics N.V. Method and system for authentication of a low-resource prover
US7836298B2 (en) * 2005-12-23 2010-11-16 International Business Machines Corporation Secure identity management
US8064604B2 (en) * 2006-04-04 2011-11-22 Oracle International Corporation Method and apparatus for facilitating role-based cryptographic key management for a database
WO2008140798A1 (en) * 2007-05-11 2008-11-20 Indiana University Research & Technology Corporation Flexible management of security for multi-user environments
US8006295B2 (en) * 2007-06-28 2011-08-23 Microsoft Corporation Domain ID service
JP2010534003A (ja) * 2007-07-03 2010-10-28 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ Multidimensional identification, authentication, authorization and key distribution system for patient monitoring
US20100046740A1 (en) * 2008-08-22 2010-02-25 Schneider James P Embedding a secret in a larger polynomial
KR101657705B1 (ko) * 2008-10-06 2016-09-19 코닌클리케 필립스 엔.브이. Method for operating a network, system management device, network and computer program therefor
JP5335072B2 (ja) 2009-04-06 2013-11-06 パナソニック株式会社 Key implementation system
US9240010B2 (en) 2011-07-28 2016-01-19 Iii Holdings 1, Llc Systems and methods for generating and using a digital pass
TR2021004081A1 (tr) 2021-03-02 2022-09-21 Istanbul Teknik Ueniversitesi Bilimsel Ararstirma Proje Birim A group key generation method

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS589981B2 (ja) * 1978-04-26 1983-02-23 オムロン株式会社 User identification device
SE426128B (sv) * 1981-04-08 1982-12-06 Philips Svenska Ab Method for transferring data messages between two stations, and transfer system for carrying out the method
JPH07118709B2 (ja) * 1987-01-16 1995-12-18 日本電信電話株式会社 Secret information communication system
JPH01125140A (ja) * 1987-11-10 1989-05-17 Nippon Telegr & Teleph Corp <Ntt> Secret communication system among multiple stations
US4987593A (en) * 1988-03-16 1991-01-22 David Chaum One-show blind signature systems

Also Published As

Publication number Publication date
JPH05103094A (ja) 1993-04-23
EP0511483A3 (en) 1993-06-09
EP0511483B1 (de) 1997-07-23
JPH07105791B2 (ja) 1995-11-13
DE69221017T2 (de) 1998-01-15
EP0511483A2 (de) 1992-11-04
US5202921A (en) 1993-04-13

Similar Documents

Publication Publication Date Title
DE69221017D1 (de) Method and apparatus for mutual authentication of users in a communication system
DE69233708D1 (de) Apparatus and method for providing network security
DE68919923T2 (de) Method and apparatus for authentication.
DE69634318D1 (de) Method and apparatus for billing users in a secret transmission system
DE69617447D1 (de) Method and apparatus for user authentication
DE69332238D1 (de) Authentication method, and communication terminal and communication processing unit using this method
DE69323621D1 (de) Apparatus and method for obtaining leukocyte-free platelet concentrate
DE69429867D1 (de) Method and device for authentication
DE69603577D1 (de) Method and apparatus for administering analgesics
DE69332459T2 (de) Method and apparatus for character recognition
DE69327375T2 (de) Method and apparatus for restoring image data
DE69229199D1 (de) Device and method for character recognition
DE59105873D1 (de) Method and device for charging particles.
DE69227996T2 (de) Apparatus and method for switching data blocks
DE69215751T2 (de) Apparatus and method for comminution
DE68928692T2 (de) Method and apparatus for enhancing details in images
DE69413140T2 (de) Method and apparatus for finishing commutators
DE69321787T2 (de) Method and apparatus for forming curved needles
DE69211781T2 (de) Method and apparatus for synchronizing two or more time-division multiplex communication networks
DE69939585D1 (de) Method and apparatus for managing objects in a communication network
DE69408510D1 (de) Method and apparatus for forming rectangular curved needles
DE69829311D1 (de) Apparatus and method for performing handover in a mobile communication system
DE69113072T2 (de) Method and apparatus for data compression.
DE69328004T2 (de) Method and apparatus for discriminating coins
DE69625303T2 (de) Method and apparatus for preparing multiple composite images

Legal Events

Date Code Title Description
8364 No opposition during term of opposition
8339 Ceased/non-payment of the annual fee