21.
    Invention patent
    Unknown

    Publication (announcement) number: BR9902804A

    Publication (announcement) date: 2000-03-28

    Application number: BR9902804

    Application date: 1999-07-20

    Inventor: PATEL SARVAR

    Abstract: According to the two party authentication method, a first party generates and transfers a random number to a second party as a first challenge. The second party increments a count value in response to the first challenge, generates a first challenge response by performing a keyed cryptographic function (KCF) on the first challenge and the count value using a first key, and transfers the count value, as a second challenge, and the first challenge response to the first party. The first party verifies the second party based on the first challenge, the second challenge and the first challenge response. The first party also generates a second challenge response by performing the KCF on the second challenge using the first key, and transfers the second challenge response to the second party. The second party verifies the first party based on the second challenge and the second challenge response. For instance, the first and second parties can be a network and mobile, respectively, in a wireless system. Also, based on the first and second challenges, both the first and second parties may generate another key.

    METHOD FOR SECURING OVER-THE-AIR COMMUNICATION IN A WIRELESS SYSTEM

    Publication (announcement) number: CA2277758A1

    Publication (announcement) date: 2000-01-31

    Application number: CA2277758

    Application date: 1999-07-20

    Inventor: PATEL SARVAR

    Abstract: In the method for securing over-the-air communication in a wireless system, a mobile sends a system access request and dummy data associated with the system access request to a network. The network sends a first data stream including a first data portion to the mobile in response to the system access request and the dummy data. The mobile extracts the first data portion from the first bit stream, and sends a second bit stream to the network. The second bit stream includes a second data portion. The mobile and the network both generate a key based on the first data portion and the second data portion, and establish a first encrypted and authenticated communication channel in cooperation using the key. The mobile then transfers authorizing information to the network over the first encrypted and authenticated communication channel. If accepted, a second encrypted and authenticated communication channel is established. The network then sends sensitive information such as the root or A-key to the mobile over the second encrypted and authenticated communication channel.

    A METHOD FOR GENERATING PSUEDO RANDOM NUMBERS

    Publication (announcement) number: CA2260683A1

    Publication (announcement) date: 1999-09-04

    Application number: CA2260683

    Application date: 1999-02-04

    Abstract: The present invention is a method for outputting larger bit size pseudo-random number $z_i$ that is cryptographically secure. Since larger bit size pseudorandom numbers are being outputted, larger bit size segments of messages may be encrypted resulting in a speedier encryption process than encryption processes of the prior art. In one embodiment, the present invention is a pseudo-random number generator defined by a modular exponential function $x_i = g^{x_{i-1}} \bmod p$. The output of the pseudo-random number generator being a pseudo-random number $z_i$ comprising a j-1 bit size segment of $x_i$. The value of j being less than or equal to m-2c (i.e., $j \le m-2c$). In an embodiment of the present invention, the pseudo-random number $z_i$ includes the j least significant bits of $x_i$ excluding the least significant bit of $x_i$.

    25.
    Invention patent
    Unknown

    Publication (announcement) number: DE602005001637T2

    Publication (announcement) date: 2008-06-05

    Application number: DE602005001637

    Application date: 2005-02-15

    Abstract: In the method, a value of a first cryptosync for a communication session is derived based on a value of a second cryptosync. The second cryptosync has a longer life than the first cryptosync.

    26.
    Invention patent
    Unknown

    Publication (announcement) number: DE69937322D1

    Publication (announcement) date: 2007-11-29

    Application number: DE69937322

    Application date: 1999-07-20

    Inventor: PATEL SARVAR

    Abstract: In the method for updating secret shared data (SSD) in a wireless communication system, a first party outputs a first random number as a first challenge wherein the first party is one of a network and a mobile. A second party generates a second random number in response to the first challenge. The second party is the mobile if the first party is the network, and the second party is the network if the first party is the mobile. The second party generates a first challenge response by performing a keyed cryptographic function (KCF) on the first challenge and the second random number using a secondary key, which is not the SSD and is derived from a root key. The second party then transfers the second random number, as a second challenge, and the first challenge response to the first party. The first party verifies the second party based on the first and second challenges and the first challenge response, generates a second challenge response by performing the KCF on the second challenge using the secondary key, and transfers the second challenge response to the second party. The second party verifies the first party based on the second challenge and the second challenge response. Both parties respectively establish the SSD based on the first and second challenges.

    27.
    Invention patent
    Unknown

    Publication (announcement) number: DE60117726T2

    Publication (announcement) date: 2006-11-09

    Application number: DE60117726

    Application date: 2001-08-14

    Inventor: PATEL SARVAR

    Abstract: The present invention is a key conversion system for deterministically and reversibly converting a first key value of a first communications system into a second key value of a second communication system. For example, the key conversion system generates a first intermediate value from at least a portion of the first key value using a first random function. At least a portion of the first intermediate value is provided to a second random function to produce a second value. An exclusive-or is performed on at least a portion of the first key value and at least a portion of the second value to generate a second intermediate value. At least a portion of the second intermediate value is provided to a third random function to produce a third value. By performing an exclusive-or on at least a portion of the third value and at least a portion of the first intermediate value, the key conversion system produces at least a first portion of the second key value, and at least a second portion of the second key value is produced as the second intermediate value.

    28.
    Invention patent
    Unknown

    Publication (announcement) number: DE60103737T2

    Publication (announcement) date: 2005-07-07

    Application number: DE60103737

    Application date: 2001-11-19

    Inventor: PATEL SARVAR

    Abstract: A message authentication system for generating a message authentication code (MAC) uses a single iteration of a keyed compression function when a message fits within an input block of the compression function, thereby improving efficiency. For messages that are larger than a block, the MAC system uses nested hash functions. The MAC system and method can use portions of the message as inputs to the nested hash functions. For example, the message authentication system can split the message into a first portion and a second portion. A hash function is performed using the first portion of the message as an input to achieve an intermediate result, and a keyed hash function is performed using a second portion of the message and the intermediate result as inputs. Thus, less of the message needs to be processed by the inner hash function, thereby improving efficiency, especially for smaller messages.

    29.
    Invention patent
    Unknown

    Publication (announcement) number: AT268963T

    Publication (announcement) date: 2004-06-15

    Application number: AT01309740

    Application date: 2001-11-19

    Inventor: PATEL SARVAR

    Abstract: A message authentication system for generating a message authentication code (MAC) uses a single iteration of a keyed compression function when a message fits within an input block of the compression function, thereby improving efficiency. For messages that are larger than a block, the MAC system uses nested hash functions. The MAC system and method can use portions of the message as inputs to the nested hash functions. For example, the message authentication system can split the message into a first portion and a second portion. A hash function is performed using the first portion of the message as an input to achieve an intermediate result, and a keyed hash function is performed using a second portion of the message and the intermediate result as inputs. Thus, less of the message needs to be processed by the inner hash function, thereby improving efficiency, especially for smaller messages.

    30.
    Invention patent
    Unknown

    Publication (announcement) number: DE60001630D1

    Publication (announcement) date: 2003-04-17

    Application number: DE60001630

    Application date: 2000-10-23

    Abstract: Secure communication protocols are disclosed in which two parties generate a shared secret which may be used as a secure session key for communication between the parties. The protocols are based on Diffie-Hellman type key exchange in which a Diffie-Hellman value is combined with a function of at least a password using the group operation such that the Diffie-Hellman value may be extracted by the other party using the inverse group operation and knowledge of the password. In one embodiment, each of the parties explicitly authenticates the other party, while in another embodiment, the parties utilize implicit authentication relying on the generation of an appropriate secret session key to provide the implicit authentication. Typically, the parties will be a client computer and a server computer. In accordance with other embodiments of the invention, in order to protect against a security compromise at the server, the server is not in possession of the password, but instead is provided with, and stores, a so-called password verifier which is a function of the password and where the password itself cannot be determined from the value of the password verifier.
