Invention Grant
- Patent Title: Authentication and data integrity protection of token
- Patent Title (中): 令牌的认证和数据完整性保护
-
Application No.: US13504874Application Date: 2010-09-28
-
Publication No.: US09118643B2Publication Date: 2015-08-25
- Inventor: Rainer Falk
- Applicant: Rainer Falk
- Applicant Address: DE Munich
- Assignee: SIEMENS AKTIENGESELLSCHAFT
- Current Assignee: SIEMENS AKTIENGESELLSCHAFT
- Current Assignee Address: DE Munich
- Agency: Staas & Halsey LLP
- Priority: DE102009051201 20091029
- International Application: PCT/EP2010/064313 WO 20100928
- International Announcement: WO2011/051064 WO 20110505
- Main IPC: H04K1/00
- IPC: H04K1/00 ; H04L29/06 ; G06F21/31 ; G06F21/64 ; G06Q20/34 ; G07F7/08 ; G07F7/12 ; H04L9/32
Abstract:
In deriving a cryptographic key from the response message in a challenge-response message in a challenge-response authentication, a checksum for the related response is calculated after receiving a challenge message and before the related response has been transferred. A cryptographic key is derived from the response, which is used to determine the cryptographic checksum. The cryptographic checksum is transferred in a first time period after receiving the challenge message. The response message is transferred during a later, second time period. The duration of validity of the key derived from the response message ends before the response message is transferred. A theoretical attacker who can overhear and manipulate the communication will not know the response message until a point in time when the cryptographic key which can be derived therefrom is already no longer valid.
Public/Granted literature
- US20120213368A1 AUTHENTICATION AND DATA INTEGRITY PROTECTION OF A TOKEN Public/Granted day:2012-08-23
Information query
