Abstract:
Disclosed is a computer system and a method for the protected distribution of certificate and keying material between a certification authority and at least one entity in the certification authority's domain, comprising the steps of sending keying material, including a password, generated by the Certifying Authority to the entity via a secure medium; generating and protecting, by the entity, a public and a private key pair using the keying material provided it by the certifying authority; generating, protecting and sending a request for a certificate to the certifying authority using the keying material provided it by the certifying authority; requesting, by the certifying authority, that the public key and address of the entity be sent to the certifying authority; protecting and sending the public key and address of the entity to the certifying authority using the keying material provided it by the certifying authority; assembling and issuing the certificate to the entity from the certifying authority and recording the public key of the entity at the certifying authority for public use within the domain of the certifying authority.
Abstract:
An authentication method (30) that permits a user (12) and a file serving workstation (13) to mutually authenticate themselves. This is accomplished by exchanging a random number that is encrypted by a password (22) that is known to the user (12) and stored in a password file on the file serving workstation (13). A logon ID (21) is sent from the client workstation (11) to the server workstation (13). The stored user password (22) corresponding to the user ID (21) is retrieved from the password file. A random number is created that is encrypted by a symmetric encryption algorithm on the server workstation (13) using the retrieved user password (22), and which provides an encrypted password (24). The user (12) is then requested to enter the password (22) into the user workstation (11). The entered password (22) is used to decrypt the encrypted password (24) received from the server workstation (13) and retrieve the random number therefrom to authenticate the server workstation (13). The random number is then used as the encryption and decryption key for communication between the user and server workstations (11, 13). An encrypted message is transmitted using the random number from the client workstation (12) to the server workstation (13). The encrypted message is decrypted at the server workstation (13) to authenticate the user (11).