公开(公告)号：JP2001060947A

公开(公告)日：2001-03-06

申请号：JP2000210117

申请日：2000-07-11

Applicant: LUCENT TECHNOLOGIES INC

Inventor： MACKENZIE PHILIP DOUGLAS ,  SWAMINATHAN RAM

IPC: G06F21/20 ,  H04L9/08 ,  H04L9/32 ,  G06F15/00

Abstract: PROBLEM TO BE SOLVED: To provide a password single mutual authentication protocol which can prove safety. SOLUTION: A client decides whether a public key received from a server is the element of the test possible super set of the set of all public keys in a public key cipher system. When it is not such element, authentication is refused by the client. If not, a protocol is continued. In one embodiment, the client and the server shares one password used for authentication. The client generates a parameter (p) as the function of at least the public key and the password. When, as a result of operating a public key space mapping function FPK to (p), the FPK is the element of the message space of the public key, the client uses the open key to cipher the substantially random element in the message space of the public key and executes the group operation of the public key message space between the ciphered result and the FPK (p).

公开(公告)号：CA2335172A1

公开(公告)日：2001-09-17

申请号：CA2335172

申请日：2001-02-09

Applicant: LUCENT TECHNOLOGIES INC

Inventor： GROSSE ERIC ,  BOYKO VICTOR VLADIMIR ,  MACKENZIE PHILIP DOUGLAS ,  PATEL SARVAR

IPC: G06F21/20 ,  H04L9/08 ,  H04L9/32 ,  H04L9/00

Abstract: Secure communication protocols are disclosed in which two parties genera te a shared secret which may be used as a secure session key for communication between the parties. The protocols are based on Diffie-Hellman type key exchange in which a Diffie-Hellman value is combined with a function of at least a password using the group operation such that the Diffie-Hellman value may be extracte d by the other party using the inverse group operation and knowledge of the password. In one embodiment, each of the parties explicitly authenticates the other party, while in another embodiment, the parties utilize implicit authentication relying o n the generation of an appropriate secret session key to provide the implicit authentication. Typically, the parties will be a client computer and a serve r computer. In accordance with other embodiments of the invention, in order to protect against a security compromise at the server, the server is not in possession of the password, but instead is provided with, and stores, a so-called password verifier which is a function of the password and where the password itself cannot be determined from the value of the password verifier.

公开(公告)号：CA2335172C

公开(公告)日：2005-04-12

申请号：CA2335172

申请日：2001-02-09

Applicant: LUCENT TECHNOLOGIES INC

Inventor： MACKENZIE PHILIP DOUGLAS ,  PATEL SARVAR ,  GROSSE ERIC ,  BOYKO VICTOR VLADIMIR

IPC: G06F21/20 ,  H04L9/08 ,  H04L9/32 ,  H04L9/00

Abstract: Secure communication protocols are disclosed in which two parties genera te a shared secret which may be used as a secure session key for communication between the parties. The protocols are based on Diffie-Hellman type key exchange in which a Diffie-Hellman value is combined with a function of at least a password using the group operation such that the Diffie-Hellman value may be extracte d by the other party using the inverse group operation and knowledge of the password. In one embodiment, each of the parties explicitly authenticates the other party, while in another embodiment, the parties utilize implicit authentication relying o n the generation of an appropriate secret session key to provide the implicit authentication. Typically, the parties will be a client computer and a serve r computer. In accordance with other embodiments of the invention, in order to protect against a security compromise at the server, the server is not in possession of the password, but instead is provided with, and stores, a so-called password verifier which is a function of the password and where the password itself cannot be determined from the value of the password verifier.

公开(公告)号：CA2313557C

公开(公告)日：2005-03-01

申请号：CA2313557

申请日：2000-07-06

Applicant: LUCENT TECHNOLOGIES INC

Inventor： MACKENZIE PHILIP DOUGLAS ,  SWAMINATHAN RAM

IPC: G06F21/20 ,  H04L9/08 ,  H04L9/32 ,  H04L9/30

Abstract: A password-only mutual network authentication protocol and key exchange protocol using a public key encryption scheme in which a server generates a public key / secret key pair and transmits the public key to a client. The client determines whether the public key was chosen in an acceptable manner, and if so, continues with the protocol. Otherwise, the client rejects authentication. If the protocol is continued, in one embodiment the client generates a parameter p as a function of the public ke y and a password (or, in an alternate embodiment, as a function of the public key an d a function of a password). If the public key space mapping function F PK applied to p, F PK(p), is an element of the public key message space, then the protocol continues. If F PK(p) is not an element of the public key message space, then the client determines to rejec t authentication, but continues with the protocol so that the server does not gain any information about the password. If the client determines to reject authentication, it will terminate the protocol at a later step at which time the termination of the protocol cannot leak any sensitive information. If both the client and the server accept authentication, then session keys are generated for subsequent secure communication between the client and server. Specific embodiments are disclosed in which RSA is used as the publi c key encryption scheme.

公开(公告)号：DE60001630T2

公开(公告)日：2003-12-18

申请号：DE60001630

申请日：2000-10-23

Applicant: LUCENT TECHNOLOGIES INC

Inventor： BOYKO VICTOR VLADIMIR ,  GROSSE ERIC ,  MACKENZIE PHILIP DOUGLAS ,  PATEL SARVAR

IPC: G06F21/20 ,  H04L9/08 ,  H04L9/32

Abstract: Secure communication protocols are disclosed in which two parties generate a shared secret which may be used as a secure session key for communication between the parties. The protocols are based on Diffie-Hellman type key exchange in which a Diffie-Hellman value is combined with a function of at least a password using the group operation such that the Diffie-Hellman value may be extracted by the other party using the inverse group operation and knowledge of the password. In one embodiment, each of the parties explicitly authenticates the other party, while in another embodiment, the parties utilize implicit authentication relying on the generation of an appropriate secret session key to provide the implicit authentication. Typically, the parties will be a client computer and a server computer. In accordance with other embodiments of the invention, in order to protect against a security compromise at the server, the server is not in possession of the password, but instead is provided with, and stores, a so-called password verifier which is a function of the password and where the password itself cannot be determined from the value of the password verifier.

公开(公告)号：DE60001630D1

公开(公告)日：2003-04-17

申请号：DE60001630

申请日：2000-10-23

Applicant: LUCENT TECHNOLOGIES INC

Inventor： BOYKO VICTOR VLADIMIR ,  GROSSE ERIC ,  MACKENZIE PHILIP DOUGLAS ,  PATEL SARVAR

IPC: G06F21/20 ,  H04L9/08 ,  H04L9/32

Abstract: Secure communication protocols are disclosed in which two parties generate a shared secret which may be used as a secure session key for communication between the parties. The protocols are based on Diffie-Hellman type key exchange in which a Diffie-Hellman value is combined with a function of at least a password using the group operation such that the Diffie-Hellman value may be extracted by the other party using the inverse group operation and knowledge of the password. In one embodiment, each of the parties explicitly authenticates the other party, while in another embodiment, the parties utilize implicit authentication relying on the generation of an appropriate secret session key to provide the implicit authentication. Typically, the parties will be a client computer and a server computer. In accordance with other embodiments of the invention, in order to protect against a security compromise at the server, the server is not in possession of the password, but instead is provided with, and stores, a so-called password verifier which is a function of the password and where the password itself cannot be determined from the value of the password verifier.

公开(公告)号：CA2313557A1

公开(公告)日：2001-01-13

申请号：CA2313557

申请日：2000-07-06

Applicant: LUCENT TECHNOLOGIES INC

Inventor： MACKENZIE PHILIP DOUGLAS ,  SWAMINATHAN RAM

IPC: G06F21/20 ,  H04L9/08 ,  H04L9/32 ,  H04L9/30

Abstract: A password-only mutual network authentication protocol and key exchange protocol using a public key encryption scheme in which a server generates a public key / secret key pair and transmits the public key to a client. The client determines whether the public key was chosen in an acceptable manner, and if so, continues with the protocol. Otherwise, the client rejects authentication. If the protocol is continued, in one embodiment the client generates a parameter p as a function of the public ke y and a password (or, in an alternate embodiment, as a function of the public key an d a function of a password). If the public key space mapping function F PK applied to p, F PK(p), is an element of the public key message space, then the protocol continues. If F PK(p) is not an element of the public key message space, then the client determines to rejec t authentication, but continues with the protocol so that the server does not gain any information about the password. If the client determines to reject authentication, it will terminate the protocol at a later step at which time the termination of the protocol cannot leak any sensitive information. If both the client and the server accept authentication, then session keys are generated for subsequent secure communication between the client and server. Specific embodiments are disclosed in which RSA is used as the publi c key encryption scheme.