WO2013090308A3 - Method and apparatus for authenticating a message - Google Patents

Info

Publication number
WO2013090308A3
Authority
WO
WIPO (PCT)
Prior art keywords
nonce
count value
server
count
request
Prior art date
Application number
PCT/US2012/069053
Other languages
French (fr)
Other versions
WO2013090308A2 (en)
WO2013090308A4 (en)
Inventor
Pai MADHUSUDAN
Original Assignee
Motorola Solutions, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Motorola Solutions, Inc. filed Critical Motorola Solutions, Inc.
Publication of WO2013090308A2 publication Critical patent/WO2013090308A2/en
Publication of WO2013090308A3 publication Critical patent/WO2013090308A3/en
Publication of WO2013090308A4 publication Critical patent/WO2013090308A4/en

Classifications

    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 - Network architectures or network communication protocols for network security
    • H04L63/08 - Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 - Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838 - Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 - Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 - Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 - Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 - Network architectures or network communication protocols for network security
    • H04L63/10 - Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/108 - Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 - Network architectures or network communication protocols for network security
    • H04L63/14 - Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 - Countermeasures against malicious traffic
    • H04L63/1466 - Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 - Network architectures or network communication protocols for network security
    • H04L63/16 - Implementing security features at a particular protocol layer
    • H04L63/168 - Implementing security features at a particular protocol layer above the transport layer

Abstract

A method for transmitting and receiving authenticatable messages in a network communication system uses a NEXT-NONCE-COUNT along with the NONCE in a challenge transmitted from a client to a server. In addition, the client maintains a NONCE-COUNT value that is initialized to the NEXT-NONCE-COUNT in the challenge and incremented after every request transmitted to the server. Each request includes the NONCE, the present NONCE-COUNT value, and a signed response (SRES) that is a cryptographic hash of the NONCE, the present NONCE-COUNT value, and a shared secret user credential. Upon receiving a request, the server determines whether the received NONCE-COUNT value is sufficiently high compared to its server-maintained NONCE-COUNT value. When the received NONCE-COUNT value is sufficiently high compared to the server-stored NONCE-COUNT value and the received SRES is determined to be correct, the server increments the NONCE-COUNT value it maintains in association with the NONCE.
PCT/US2012/069053 2011-12-13 2012-12-12 Method and apparatus for authenticating a message WO2013090308A2 (en)
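
The counter check described in the abstract, as an added sketch that is not code from the patent or its applicant. The class and function names are hypothetical, and several points the abstract leaves open are assumptions here: SHA-256 with length-prefixed fields as the hash, "sufficiently high" meaning at least the server's stored value, and the server advancing its stored value to one past the accepted count so that skipped counts cannot be used later.

```python
import hashlib
import hmac

def sres(nonce: bytes, count: int, secret: bytes) -> bytes:
    """SRES = hash(NONCE, NONCE-COUNT, shared secret). SHA-256 and the
    length-prefixed encoding are assumptions; the abstract names no hash."""
    h = hashlib.sha256()
    for field in (nonce, count.to_bytes(8, "big"), secret):
        h.update(len(field).to_bytes(2, "big") + field)
    return h.digest()

class Client:
    def __init__(self, nonce, next_nonce_count, secret):
        # NONCE-COUNT is initialized to the NEXT-NONCE-COUNT of the challenge.
        self.nonce, self.count, self.secret = nonce, next_nonce_count, secret

    def request(self):
        msg = (self.nonce, self.count, sres(self.nonce, self.count, self.secret))
        self.count += 1  # incremented after every request is transmitted
        return msg

class Server:
    def __init__(self, secret):
        self.secret = secret
        self.counts = {}  # NONCE -> server-maintained NONCE-COUNT

    def register_challenge(self, nonce, next_nonce_count):
        self.counts[nonce] = next_nonce_count

    def verify(self, nonce, count, tag):
        stored = self.counts.get(nonce)
        if stored is None or count < stored:
            return False  # unknown NONCE, or a replayed / stale count
        if not hmac.compare_digest(tag, sres(nonce, count, self.secret)):
            return False  # SRES does not bind this NONCE and count
        self.counts[nonce] = count + 1  # assumption: advance past accepted count
        return True

def demo():
    # Constructed sample values, for illustration only.
    secret, nonce = b"constructed-shared-secret", b"constructed-nonce"
    server, client = Server(secret), Client(nonce, 100, secret)
    server.register_challenge(nonce, 100)
    first = client.request()
    late = client.request()            # delayed in transit, arrives last
    third = client.request()
    altered = (nonce, 500, first[2])   # count changed, SRES left as in `first`
    return [server.verify(*first), server.verify(*first),
            server.verify(*third), server.verify(*late), server.verify(*altered)]
```

`demo()` shows the gap tolerance and its cost: a request whose count runs ahead of the server is accepted, while the repeated, late and altered requests are all rejected.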

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN1548KO2011 2011-12-13
IN1548/KOL/2011 2011-12-13

Publications (3)

Publication Number Publication Date
WO2013090308A2 WO2013090308A2 (en) 2013-06-20
WO2013090308A3 WO2013090308A3 (en) 2013-12-05
WO2013090308A4 WO2013090308A4 (en) 2014-01-30

Family

ID=47436248

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2012/069053 WO2013090308A2 (en) 2011-12-13 2012-12-12 Method and apparatus for authenticating a message

Country Status (1)

Country Link
WO (1) WO2013090308A2 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9059989B2 (en) * 2013-07-18 2015-06-16 Vmware, Inc. Hash synchronization for preventing unauthorized server access using stolen passwords
CN110753036B (en) * 2019-09-27 2022-04-22 苏州浪潮智能科技有限公司 Method and system for client quick authentication under CS framework

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070101412A1 (en) * 2005-10-28 2007-05-03 Yahoo! Inc. Low code-footprint security solution
US20080216160A1 (en) * 2007-03-01 2008-09-04 Mitsubishi Electric Corporation Robust digest authentication method
WO2011110402A1 (en) * 2010-03-11 2011-09-15 Siemens Aktiengesellschaft Method for the secure unidirectional transmission of signals

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
FRANKS J ET AL: "RFC 2617 - HTTP Authentication: Basic and Digest Authentication", INTERNET CITATION, June 1999 (1999-06-01), XP008084306, Retrieved from the Internet <URL:http://www.ietf.org/rfc/rfc2617.txt> [retrieved on 19990601] *

Also Published As

Publication number Publication date
WO2013090308A2 (en) 2013-06-20
WO2013090308A4 (en) 2014-01-30

Similar Documents

Publication Publication Date Title
WO2012141555A3 (en) Method and apparatus for providing machine-to-machine service
WO2012005930A3 (en) Method and devices for a light-weight security solution for host -based mobility and multihoming protocols
WO2013032671A3 (en) Methods and apparatus for source authentication of messages that are secured with a group key
EP4322465A3 (en) Method and device for secure communications over a network using a hardware security engine
GB2512249A (en) Secure peer discovery and authentication using a shared secret
GB2523710A (en) Multi-factor authentication and comprehensive login system for client-server networks
WO2010126638A3 (en) Identity based authenticated key agreement protocol
WO2011017099A3 (en) Secure communication using asymmetric cryptography and light-weight certificates
WO2012034807A3 (en) Method and apparatus for authenticating multicast messages
GB2511225A (en) Method and device for dynamically selecting a DHCP server for a client terminal device
GB201300412D0 (en) Resource access management
IN2014DN10973A (en)
WO2013106094A3 (en) System and method for device registration and authentication
WO2014059136A3 (en) Techniqued for secure data exchange
WO2015119679A3 (en) Method and system for securely establishing cryptographic keys for aircraft-to-aircraft communications
WO2014195501A3 (en) Electronic authentication systems
EP2456121A3 (en) Challenge response based enrollment of physical unclonable functions
WO2012087692A3 (en) System and method for secure communications in a communication system
MX2010003403A (en) Authentication method and framework.
GB2514055A (en) Bluetooth pairing system, method, and apparatus
WO2013067601A3 (en) Secure messaging
EP4247034A3 (en) Method and system for providing security from a radio access network
IN2012DN02391A (en)
WO2012087572A8 (en) Wireless communication system and method
WO2012092072A3 (en) System and method for mutually authenticated cryptographic key exchange using matrices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12806815

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12806815

Country of ref document: EP

Kind code of ref document: A2