WO2013090308A3 - Method and apparatus for authenticating a message - Google Patents
Method and apparatus for authenticating a message
- Publication number
- WO2013090308A3 (PCT/US2012/069053)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- nonce
- count value
- server
- count
- request
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
Abstract
A method for transmitting and receiving authenticatable messages in a network communication system uses a NEXT-NONCE-COUNT along with the NONCE in a challenge transmitted from a client to a server. In addition, the client maintains a NONCE-COUNT value that is initialized to the NEXT-NONCE-COUNT in the challenge and thereafter incremented after every request is transmitted to the server. Each request includes the NONCE, the present NONCE-COUNT value, and a signed response (SRES) that is a cryptographic hash of the NONCE, the present NONCE-COUNT value, and a shared secret user credential. The server, upon receiving a request, determines whether the received NONCE-COUNT value is sufficiently high compared to its server-maintained NONCE-COUNT value. When the received NONCE-COUNT value is sufficiently high compared to the server-stored NONCE-COUNT value, and the received SRES is determined to be correct, the server increments the NONCE-COUNT value it maintains in association with the NONCE.
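The counter check in the abstract, as an added sketch that is not code from the patent or its applicant. Assumptions: SHA-256 over length-prefixed fields stands in for the unspecified hash, "sufficiently high" is read as "not below the server's stored count", the server moves its count to one past the accepted value, and both sides are simply handed the same challenge values; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def sres(nonce: bytes, count: int, secret: bytes) -> str:
    """SRES = hash(NONCE, NONCE-COUNT, shared secret); length prefixes are an assumption."""
    h = hashlib.sha256()
    for field in (nonce, count.to_bytes(8, "big"), secret):
        h.update(len(field).to_bytes(2, "big") + field)
    return h.hexdigest()

class Client:
    def __init__(self, secret: bytes, nonce: bytes, next_nonce_count: int):
        self.secret, self.nonce = secret, nonce
        self.count = next_nonce_count        # initialised from the challenge
    def request(self) -> dict:
        req = {"nonce": self.nonce, "nc": self.count,
               "sres": sres(self.nonce, self.count, self.secret)}
        self.count += 1                      # incremented after every request
        return req

class Server:
    def __init__(self, secret: bytes):
        self.secret = secret
        self.counts = {}                     # NONCE -> lowest count still acceptable
    def open_challenge(self, nonce: bytes, next_nonce_count: int) -> None:
        self.counts[nonce] = next_nonce_count
    def verify(self, req: dict) -> bool:
        stored = self.counts.get(req["nonce"])
        if stored is None or req["nc"] < stored:
            return False                     # unknown NONCE, or replayed/stale count
        expected = sres(req["nonce"], req["nc"], self.secret)
        if not hmac.compare_digest(expected, req["sres"]):
            return False                     # wrong secret or altered fields
        self.counts[req["nonce"]] = req["nc"] + 1   # move past the accepted count
        return True

def demo() -> dict:
    secret = b"constructed-shared-secret"    # constructed sample credential
    nonce, start = secrets.token_bytes(16), 1
    client, server = Client(secret, nonce, start), Server(secret)
    server.open_challenge(nonce, start)
    first, lost, third = client.request(), client.request(), client.request()
    forged = dict(third, nc=third["nc"] + 5) # count raised, SRES not recomputed
    return {"fresh": server.verify(first), "replay": server.verify(first),
            "forged": server.verify(forged), "after_loss": server.verify(third),
            "late": server.verify(lost)}
```

Because the count is an input to the SRES, a captured request cannot be reused with a higher count, and a request that arrives after a later one has been accepted is rejected as stale.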
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IN1548KO2011 | 2011-12-13 | ||
IN1548/KOL/2011 | 2011-12-13 |
Publications (3)
Publication Number | Publication Date |
---|---|
WO2013090308A2 (en) | 2013-06-20 |
WO2013090308A3 (en) | 2013-12-05 |
WO2013090308A4 (en) | 2014-01-30 |
Family
ID=47436248
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2012/069053 (WO2013090308A2, en) | Method and apparatus for authenticating a message | 2011-12-13 | 2012-12-12 |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2013090308A2 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9059989B2 (en) * | 2013-07-18 | 2015-06-16 | Vmware, Inc. | Hash synchronization for preventing unauthorized server access using stolen passwords |
CN110753036B (en) * | 2019-09-27 | 2022-04-22 | 苏州浪潮智能科技有限公司 | Method and system for client quick authentication under CS framework |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070101412A1 (en) * | 2005-10-28 | 2007-05-03 | Yahoo! Inc. | Low code-footprint security solution |
US20080216160A1 (en) * | 2007-03-01 | 2008-09-04 | Mitsubishi Electric Corporation | Robust digest authentication method |
WO2011110402A1 (en) * | 2010-03-11 | 2011-09-15 | Siemens Aktiengesellschaft | Method for the secure unidirectional transmission of signals |
- 2012-12-12: WO application PCT/US2012/069053 (WO2013090308A2, en), status active, Application Filing
Non-Patent Citations (1)
Title |
---|
FRANKS J ET AL: "RFC 2617 - HTTP Authentication: Basic and Digest Authentication", INTERNET CITATION, June 1999 (1999-06-01), XP008084306, Retrieved from the Internet <URL:http://www.ietf.org/rfc/rfc2617.txt> [retrieved on 19990601] * |
Also Published As
Publication number | Publication date |
---|---|
WO2013090308A2 (en) | 2013-06-20 |
WO2013090308A4 (en) | 2014-01-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2012141555A3 (en) | Method and apparatus for providing machine-to-machine service | |
WO2012005930A3 (en) | Method and devices for a light-weight security solution for host -based mobility and multihoming protocols | |
WO2013032671A3 (en) | Methods and apparatus for source authentication of messages that are secured with a group key | |
EP4322465A3 (en) | Method and device for secure communications over a network using a hardware security engine | |
GB2512249A (en) | Secure peer discovery and authentication using a shared secret | |
GB2523710A (en) | Multi-factor authentication and comprehensive login system for client-server networks | |
WO2010126638A3 (en) | Identity based authenticated key agreement protocol | |
WO2011017099A3 (en) | Secure communication using asymmetric cryptography and light-weight certificates | |
WO2012034807A3 (en) | Method and apparatus for authenticating multicast messages | |
GB2511225A (en) | Method and device for dynamically selecting a DHCP server for a client terminal device | |
GB201300412D0 (en) | Resource access management | |
IN2014DN10973A (en) | ||
WO2013106094A3 (en) | System and method for device registration and authentication | |
WO2014059136A3 (en) | Techniqued for secure data exchange | |
WO2015119679A3 (en) | Method and system for securely establishing cryptographic keys for aircraft-to-aircraft communications | |
WO2014195501A3 (en) | Electronic authentication systems | |
EP2456121A3 (en) | Challenge response based enrollment of physical unclonable functions | |
WO2012087692A3 (en) | System and method for secure communications in a communication system | |
MX2010003403A (en) | Authentication method and framework. | |
GB2514055A (en) | Bluetooth pairing system, method, and apparatus | |
WO2013067601A3 (en) | Secure messaging | |
EP4247034A3 (en) | Method and system for providing security from a radio access network | |
IN2012DN02391A (en) | ||
WO2012087572A8 (en) | Wireless communication system and method | |
WO2012092072A3 (en) | System and method for mutually authenticated cryptographic key exchange using matrices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | EP: the EPO has been informed by WIPO that EP was designated in this application | Ref document number: 12806815; Country of ref document: EP; Kind code of ref document: A2 |
| NENP | Non-entry into the national phase | Ref country code: DE |
| 122 | EP: PCT application non-entry in European phase | Ref document number: 12806815; Country of ref document: EP; Kind code of ref document: A2 |