公开(公告)号：JP2001060947A

公开(公告)日：2001-03-06

申请号：JP2000210117

申请日：2000-07-11

Applicant: LUCENT TECHNOLOGIES INC

Inventor： MACKENZIE PHILIP DOUGLAS ,  SWAMINATHAN RAM

IPC: G06F21/20 ,  H04L9/08 ,  H04L9/32 ,  G06F15/00

Abstract: PROBLEM TO BE SOLVED: To provide a password single mutual authentication protocol which can prove safety. SOLUTION: A client decides whether a public key received from a server is the element of the test possible super set of the set of all public keys in a public key cipher system. When it is not such element, authentication is refused by the client. If not, a protocol is continued. In one embodiment, the client and the server shares one password used for authentication. The client generates a parameter (p) as the function of at least the public key and the password. When, as a result of operating a public key space mapping function FPK to (p), the FPK is the element of the message space of the public key, the client uses the open key to cipher the substantially random element in the message space of the public key and executes the group operation of the public key message space between the ciphered result and the FPK (p).

公开(公告)号：CA2313557C

公开(公告)日：2005-03-01

申请号：CA2313557

申请日：2000-07-06

Applicant: LUCENT TECHNOLOGIES INC

Inventor： MACKENZIE PHILIP DOUGLAS ,  SWAMINATHAN RAM

IPC: G06F21/20 ,  H04L9/08 ,  H04L9/32 ,  H04L9/30

Abstract: A password-only mutual network authentication protocol and key exchange protocol using a public key encryption scheme in which a server generates a public key / secret key pair and transmits the public key to a client. The client determines whether the public key was chosen in an acceptable manner, and if so, continues with the protocol. Otherwise, the client rejects authentication. If the protocol is continued, in one embodiment the client generates a parameter p as a function of the public ke y and a password (or, in an alternate embodiment, as a function of the public key an d a function of a password). If the public key space mapping function F PK applied to p, F PK(p), is an element of the public key message space, then the protocol continues. If F PK(p) is not an element of the public key message space, then the client determines to rejec t authentication, but continues with the protocol so that the server does not gain any information about the password. If the client determines to reject authentication, it will terminate the protocol at a later step at which time the termination of the protocol cannot leak any sensitive information. If both the client and the server accept authentication, then session keys are generated for subsequent secure communication between the client and server. Specific embodiments are disclosed in which RSA is used as the publi c key encryption scheme.

公开(公告)号：CA2313557A1

公开(公告)日：2001-01-13

申请号：CA2313557

申请日：2000-07-06

Applicant: LUCENT TECHNOLOGIES INC

Inventor： MACKENZIE PHILIP DOUGLAS ,  SWAMINATHAN RAM

IPC: G06F21/20 ,  H04L9/08 ,  H04L9/32 ,  H04L9/30

Abstract: A password-only mutual network authentication protocol and key exchange protocol using a public key encryption scheme in which a server generates a public key / secret key pair and transmits the public key to a client. The client determines whether the public key was chosen in an acceptable manner, and if so, continues with the protocol. Otherwise, the client rejects authentication. If the protocol is continued, in one embodiment the client generates a parameter p as a function of the public ke y and a password (or, in an alternate embodiment, as a function of the public key an d a function of a password). If the public key space mapping function F PK applied to p, F PK(p), is an element of the public key message space, then the protocol continues. If F PK(p) is not an element of the public key message space, then the client determines to rejec t authentication, but continues with the protocol so that the server does not gain any information about the password. If the client determines to reject authentication, it will terminate the protocol at a later step at which time the termination of the protocol cannot leak any sensitive information. If both the client and the server accept authentication, then session keys are generated for subsequent secure communication between the client and server. Specific embodiments are disclosed in which RSA is used as the publi c key encryption scheme.