Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2006-07-11
2006-07-11
Sheikh, Ayaz (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S169000, C380S028000
Reexamination Certificate
active
07076656
ABSTRACT:
A secure protocol is provided which uses a Diffie-Hellman type shared secret, but modified such that the two parties may authenticate each other using a shared password. In accordance with the invention, a party generates the Diffie-Hellman value gxand combines it with a function of at least the password using a group operation, wherein any portion of a result associated with the function that is outside the group is randomized. The resulting value is transmitted to the other party. The group operation is defined for the particular group being used. Every group has a group operation and a corresponding inverse group operation. Upon receipt of the value, the other party performs the inverse group operation on the received value and the function of at least the password, and removes the randomization of any portion of the result associated with the function that is outside the group, to extract gxsuch that the other party may then generate the shared secret gxyusing its knowledge of y.
REFERENCES:
patent: 4956863 (1990-09-01), Goss
patent: 5241599 (1993-08-01), Bellovin et al.
patent: 5351293 (1994-09-01), Michener et al.
patent: 5440635 (1995-08-01), Bellovin et al.
patent: 5450493 (1995-09-01), Maher
patent: 5602917 (1997-02-01), Mueller
patent: 6028937 (2000-02-01), Tatebayashi et al.
patent: 6226383 (2001-05-01), Jablon
patent: 6539479 (2003-03-01), Wu
patent: 6829356 (2004-12-01), Ford
patent: 6910129 (2005-06-01), Deng et al.
patent: 6993651 (2006-01-01), Wray et al.
patent: 2001/0055388 (2001-12-01), Kaliski, Jr.
patent: 2004/0128517 (2004-07-01), Drews et al.
patent: 1 134 929 (2001-09-01), None
patent: 1248408 (2002-10-01), None
patent: WO 2005055512 (2005-06-01), None
Li Gong, T. Mark A. Lomas, Roger M. Needham, Jerome H. Saltzer, Protecting Poorly Chosen Secrets from Guessing Attacks (1993) IEEE Journal on Selected Areas in Communications.
Schneier, Bruce, Applied Cryptography 1996 John Wiley & Sons, 2nd Edition.
Oorcshot et al. On Diffie-Hellman Key Agreement with Short Exponents. Feb. 19, 1996, Proc. of Eurocrypt '96, Springer-Verlag LNCS.
Seo et al, Simple Authenticated Key Agreement Algorithm, Jun. 1999, IEEE, vol. 35 Issue 13, pp. 1073-1074.
Wang et al, Supervising Secret-Key Agreements in a Level-Based Hierarchy, 2004, IEEE, vol. 1, pp. 309-314.
Yuh-Min Tseng, A Robust Multi-Party Key Agreement Protocol Resistant to Malicious Participants, May 2005, The Computer Journal, vol. 48 No. 4, pp. 480-487.
Bhattacharya et al, Improving the Diffie-Hellman Secure Key Exchange, 2005, IEEE, vol. 1, pp. 193-197.
U.S. Appl. No. 09/638,320, filed Aug. 14, 2000, V.V. Boyko et al., “Secure Mutual Network Authentication and Key Exchange Protocol.”
U.S. Appl. No. 09/353,468, filed Jul. 13, 1999, P.D. MacKenzie et al., “Secure Mutual Network Authentication Protocol (SNAPI).”
D. Jablon, “Strong Password-Only Authenticated Key Exchange,” ACM Computer Communications Review, ACM SIGCOMM, pp. 1-22, 1996.
S.M. Bellovin et al., “Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks,” Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 72-84, 1992.
S.M. Bellovin et al., “Augmented Encrypted Key Exchange: A Password-Based Protocol Secure Against Dictionary Attacks and Password File Compromise,” Proceedings of the First Annual Conference on Computer and Communications Security, pp. 1-7, 1993.
M. Steiner et al., “Refinement and Extension of Encrypted Key Exchange,” ACM Operating System Review, pp. 1-9, 1994.
T. Wu, “The Secure Remote Password Protocol,” Proceedings of the 1998 Internet Society Symposium on Network and Distributed System Security, pp. 1-17, 1997.
Stefan Lucks, “Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys,” Security Protocol Workshop, pp. 1-12, 1997.
M. Bellare et al., “Authenticated Key Exchange Secure Against Dictionary Attacks,” Advances in Cryptology, pp. 1-16, Eurocrypt 2000.
S. Patel, “Number Theoretic Attacks on Secure Password Schemes,” Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 236-247, 1997.
W. Diffie et al., “New Directions in Cryptography,” IEEE Transactions on Information Theory, vol. IT 22, No. 6, pp. 644-654, 1976.
FIPS 180-1, “Secure Hash Standard,” Federal Information Processing Standards Publication 180-1, pp. 1-21, 1995.
H. Dobbertin et al., RIPEMD-160: a Strengthened Version of RIPEMD, Fast Software Encryption, 3rd Intl. Workshop, pp. 1-13, 1996.
R.L. Rivest et al., “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communications of the ACM, vol. 21, No. 2, pp. 120-126, 1978.
D.P. Jablon, “Extended Password Key Exchange Protocols Immune to Dictionary Attack,” WETICE Workshop on Enterprise Security, pp. 1-8, 1997.
V. Boyko et al., “Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman,” Advances in Cryptology, Eurocrypt 2000, pp. 156-171, 2000.
Lucent Technologies - Inc.
Moorthy Aravind K
Sheikh Ayaz
LandOfFree
Methods and apparatus for providing efficient... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Methods and apparatus for providing efficient..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Methods and apparatus for providing efficient... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3552937