[go: up one dir, main page]

FI20051023L - Method, apparatus and arrangement for authenticating a connection using a portable device - Google Patents

Method, apparatus and arrangement for authenticating a connection using a portable device Download PDF

Info

Publication number
FI20051023L
FI20051023L FI20051023A FI20051023A FI20051023L FI 20051023 L FI20051023 L FI 20051023L FI 20051023 A FI20051023 A FI 20051023A FI 20051023 A FI20051023 A FI 20051023A FI 20051023 L FI20051023 L FI 20051023L
Authority
FI
Finland
Prior art keywords
server system
challenge
response
authenticating
connection
Prior art date
Application number
FI20051023A
Other languages
Finnish (fi)
Swedish (sv)
Other versions
FI20051023A0 (en
FI20051023A7 (en
Inventor
Kimmo Ikonen
Markku Suominen
Original Assignee
Meridea Financial Software Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Meridea Financial Software Oy filed Critical Meridea Financial Software Oy
Priority to FI20051023A priority Critical patent/FI20051023L/en
Publication of FI20051023A0 publication Critical patent/FI20051023A0/en
Priority to PCT/FI2006/000329 priority patent/WO2007042608A1/en
Publication of FI20051023A7 publication Critical patent/FI20051023A7/en
Publication of FI20051023L publication Critical patent/FI20051023L/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Coupling Device And Connection With Printed Circuit (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A portable electronic device (311) is used for authenticating a connection between a remote computer and a server system (301). The device (311) receives a challenge from the server system (301), reads (511) from the challenge a piece of challenge data that describes a transaction to be executed at the server system (301) and outputs (513) said challenge data to a user. In generating a response to the challenge there is included response data that describes said transaction to be executed at the server system in the response. The response is digitally signed (601) using said response data and a shared secret that is known to the server system (301) and to the portable electronic device (311).
FI20051023A 2005-10-11 2005-10-11 Method, apparatus and arrangement for authenticating a connection using a portable device FI20051023L (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
FI20051023A FI20051023L (en) 2005-10-11 2005-10-11 Method, apparatus and arrangement for authenticating a connection using a portable device
PCT/FI2006/000329 WO2007042608A1 (en) 2005-10-11 2006-10-10 Method, devices and arrangement for authenticating a connection using a portable device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
FI20051023A FI20051023L (en) 2005-10-11 2005-10-11 Method, apparatus and arrangement for authenticating a connection using a portable device

Publications (3)

Publication Number Publication Date
FI20051023A0 FI20051023A0 (en) 2005-10-11
FI20051023A7 FI20051023A7 (en) 2007-04-12
FI20051023L true FI20051023L (en) 2007-04-12

Family

ID=35185164

Family Applications (1)

Application Number Title Priority Date Filing Date
FI20051023A FI20051023L (en) 2005-10-11 2005-10-11 Method, apparatus and arrangement for authenticating a connection using a portable device

Country Status (2)

Country Link
FI (1) FI20051023L (en)
WO (1) WO2007042608A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2977418B1 (en) * 2011-06-28 2013-06-28 Alcatel Lucent AUTHENTICATION SYSTEM VIA TWO COMMUNICATION DEVICES
US12432071B2 (en) * 2020-07-15 2025-09-30 Micron Technology, Inc. Secure serial peripheral interface (SPI) flash

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040015725A1 (en) * 2000-08-07 2004-01-22 Dan Boneh Client-side inspection and processing of secure content
FR2821225B1 (en) * 2001-02-20 2005-02-04 Mobileway REMOTE ELECTRONIC PAYMENT SYSTEM
TWI275037B (en) * 2001-12-04 2007-03-01 Gary Leung System and method for facilitating electronic financial transactions using a mobile telecommunication device
JP2005524184A (en) * 2002-04-28 2005-08-11 ペイクール インターナショナル リミテッド System for enabling a financial transaction service for a telecommunications carrier and method for performing such a transaction
CA2508526A1 (en) * 2002-12-03 2004-06-17 Funk Software, Inc. Tunneled authentication protocol for preventing man-in-the-middle attacks

Also Published As

Publication number Publication date
FI20051023A0 (en) 2005-10-11
WO2007042608A1 (en) 2007-04-19
FI20051023A7 (en) 2007-04-12

Similar Documents

Publication Publication Date Title
DE602005017050D1 (en) PERSONAL TOKEN AND METHOD FOR CONTROLLED AUTHENTICATION
TWI265418B (en) Methods and systems for authentication of components in a graphics system
WO2005086569A3 (en) System, method and apparatus for electronic authentication
WO2007000652A3 (en) System and method of secure online transactions using portable secure network devices
EA200870119A1 (en) DEVICE AND CONTROL SYSTEM COMPUTER SESSION
EP1775673A3 (en) Token authentication system
EP1914657A3 (en) Authentication system, authentication-service-providing device, authentication-service-providing method, and program
WO2004042540A3 (en) Methods and apparatus for dynamic user authentication
WO2007026228A3 (en) Secure delegation of trust
DE60024319D1 (en) VEREINTER LOGGING PROCESS
DE60011790D1 (en) GEBRAUCHERSCHNITTSTELLE
DE602004012996D1 (en) METHOD AND DEVICE FOR AUTHENTICATING USERS AND WEBSITES
WO2009034815A1 (en) Account management system, base account management device, derivative account management device and program
BR112014025965A2 (en) system and method for verification and authentication of data and identity
ATE527615T1 (en) SYSTEM AND METHOD FOR PREVENTING IDENTITY THEFT BY USING A SECURE DATA PROCESSING DEVICE
DE602005010068D1 (en) CERTIFICATE validity
FR2914810B1 (en) DEVICE FOR CONNECTING A PORTABLE ELECTRONIC DEVICE TO AT LEAST ONE OTHER ELECTRONIC APPARATUS AND SYSTEMS USING SUCH A DEVICE.
WO2008095011A3 (en) Methods and systems for authentication of a user
GB2463412A (en) Using an authentication ticket to initialize a computer
GB2521802A (en) Reissue of crypographic credentials
DK1455257T3 (en) System for connecting secrets to a computer system with tolerance for hardware changes
MY141019A (en) Challenge-based authentication without requiring knowledge of secret authentication
TW200709639A (en) Authentication method, authentication apparatus, and computer product
FI20051023L (en) Method, apparatus and arrangement for authenticating a connection using a portable device
DE602004007874D1 (en) Distribute a media file with meta information

Legal Events

Date Code Title Description
MA Patent expired