Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2000-08-23
2003-01-07
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S173000, C713S192000, C380S029000, C380S030000
Reexamination Certificate
active
06505302
ABSTRACT:
BACKGROUND OF THE INVENTION
Field of the Invention
The present invention relates generally to authentication using secure devices with limited cryptography, and more particularly pertains to authentication using secure devices with limited cryptography which no longer have the capability to do public-key cryptography and generate random numbers.
The present invention relates to computational devices that are secure, in the sense that they carry out correct computation (which may include storage and controlled usage of secrets) despite attacks by skilled and potentially well-funded adversaries.
When deployed, these computational devices interact with various authorities. In many scenarios, it is necessary for an authority to verify that a communication from an allegedly untampered computational device is genuine, and/or a computational device to verify that a communication allegedly from a particular authority is genuine.
Many strong and flexible techniques exist for this task. However, failures and other problems may leave these devices too crippled to perform these tasks. Two such failure scenarios are:
The computational device's capability to perform public-key cryptography and random-number generation depends on software that is stored in rewritable media, and which may fail, leaving the device without these capabilities.
Various zeroization scenarios may cause an otherwise untampered computational device to lose knowledge of its own certified private key, and/or the authority's public key.
SUMMARY OF THE INVENTION
The present invention provides a way to carry out authentication tasks in computational devices with constrained cryptographic capabilities.
The subject invention provides the following additional benefits:
It avoids the risks and complexities of maintaining a large database of secrets at an authority's site.
It avoids the weaknesses of derived-key approaches.
It easily permits the authority who performs the authentication to differ from the installation authority who performs initialization.
It continues to insulate untampered computational devices from being threatened by the successful compromise of any other computational device.
Accordingly, it is a primary object of the present invention to provide authentication for secure devices with limited cryptography.
A further object of the subject invention is the provision of authentication for secure devices with limited cryptography which no longer have the capability to do public-key cryptography and generate random numbers.
REFERENCES:
patent: 4759062 (1988-07-01), Traub et al.
patent: 5539828 (1996-07-01), Davis
patent: 5557518 (1996-09-01), Rosen
patent: 5610980 (1997-03-01), Johnson et al.
patent: 5787172 (1998-07-01), Arnold
patent: 6088797 (2000-07-01), Rosen
Matyas Stephen M.
Smith Sean William
Cameron Esq. Douglas W.
Peeso Thomas R.
Scully Scott Murphy & Presser
LandOfFree
Authentication for secure devices with limited cryptography does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Authentication for secure devices with limited cryptography, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Authentication for secure devices with limited cryptography will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3017011