WO1999055991A2 - Authentication method - Google Patents

Info

Publication number
WO1999055991A2
Authority
WO
WIPO (PCT)
Prior art keywords
instance
component
authentication
mod
lock
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/DE1999/001234
Other languages
German (de)
English (en)
Other versions
WO1999055991A3 (fr
Inventor
Jean Georgiades
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens AG
Siemens Corp
Original Assignee
Siemens AG
Siemens Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG, Siemens Corp
Priority to EP99927720A
Priority to JP2000546123A
Publication of WO1999055991A2
Publication of WO1999055991A3

Classifications

    • B - PERFORMING OPERATIONS; TRANSPORTING
    • B60 - VEHICLES IN GENERAL
    • B60R - VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R25/00 - Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
    • B60R25/20 - Means to switch the anti-theft system on or off
    • B60R25/24 - Means to switch the anti-theft system on or off using electronic identifiers containing a code not memorised by the user
    • G - PHYSICS
    • G07 - CHECKING-DEVICES
    • G07C - TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 - Individual registration on entry or exit
    • G07C9/00174 - Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309 - Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 - Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 - Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • G07C2009/00388 - Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks code verification carried out according to the challenge/response method
    • G07C2009/0042 - Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed
    • G07C2009/00476 - Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically
    • G07C2009/00484 - Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically whereby the code is a variable code
    • G07C2009/00753 - Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769 - Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • H04L2209/00 - Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84 - Vehicles

Definitions

  • The invention relates to a method for authentication.
  • A method for authentication is known from [1].
  • An iterated one-way function f is a function that applies to
  • The iterative application of the one-way function f returns a sequence of numbers
  • A reversal, that is to say a backward iteration in which x_m is to be determined from knowledge of x_{m+1}, is not possible at all or only with very great effort.
  • An example of such a one-way function is the discrete logarithm modulo a prime number p.
  • A "trapdoor function" is an iterated one-way function which allows its inversion by using a special solution mechanism (said "trapdoor").
  • a second instance, e.g. a key
  • a first instance, e.g. a lock
  • The second instance sends a component to the first instance; the first instance in turn answers with another component and thus authenticates itself to the second instance (mechanism of one-sided authentication).
  • Authentication methods place high demands on the storage space to be made available.
  • The object of the invention is to provide a method for authentication which makes extremely low demands on the storage space to be provided.
  • an authentication method which comprises the following steps:
  • A first component is transmitted from a first instance to a second instance.
  • A second component is determined from the transmitted first component by means of a backward iteration with a special solution mechanism (the trapdoor described) and transmitted to the first instance.
  • The second component, in a sequence of values determined by the backward iteration or the inverse iterated one-way function, represents a predecessor component of the first component.
  • The described transmissions can optionally be connectionless, e.g. via radio or by induction, or connection-oriented, e.g. via a cable.
  • A decisive advantage of the method described is that only a few components have to be kept in the memory, and the memory can therefore be dimensioned correspondingly small.
  • An iteration, that is to say repeated authentication of the second instance with respect to the first instance, is preferably achieved in that, after carrying out steps a) to d), the second component is set equal to the first component and the method is continued with step a).
  • One embodiment of the method is the performance of a predetermined action, e.g. starting a vehicle, by the first instance after the second instance has been successfully authenticated.
  • a further development consists in that the iterated one-way function is determined by
  • n is an integer
  • mod is the MODULO operator, x_1 the first component and x_2 the second component.
  • Said solution mechanism is that the second instance knows the prime numbers from which the number n is composed.
  • the number n is preferably determined by
  • the first instance is an electronic lock and the second instance is an electronic key.
  • the method can be used in an immobilizer for a vehicle.
  • Fig. 1 shows a block diagram comprising steps of a method for authentication.
  • Fig. 2 is a sketch that symbolically represents an arrangement of lock and key.
  • A block diagram is shown, which comprises steps of a method for authentication.
  • a second instance 102, preferably a key
  • a first instance 101, preferably a lock.
  • The first instance 101 knows a component K_i (cf. step 103).
  • This component K_i is transmitted to the second instance 102 in a step 105 and is received on the second instance 102 in a step 106.
  • A component K_{i-1} preceding the component K_i is now determined on the second instance in a step 107 and transmitted to the first instance 101 in a step 108.
  • The solution mechanism ("trapdoor") is used in step 107 to calculate the four roots of the first component K_i. Again through this solution mechanism one arrives at the root which is itself a square. The predecessor component K_{i-1} of the component K_i has thus been found. After the transmission (cf. step 108), the component K_{i-1} is received by the first instance 101 in a step 109. In a subsequent step 110, it is checked whether the received component K_{i-1} correctly authenticates the second instance 102. For this purpose, the component K_{i-1} is used as input for the iterated one-way function and the result is compared with the component K_i. If the result is not the same as the component K_i, a step 111 indicates that the authentication of the second instance 102 to the first instance 101 has failed, and the procedure is ended (see step 112). Otherwise, the second instance 102 is successfully authenticated to the first instance 101 in a step 113. In a step 114, the component K_{i-1} becomes the new component K_i and the method continues with step 103.
  • In step 107 the predecessor component K_{i-1} is to be determined:
  • The number sought is 25 and is transmitted to the first instance as the second component.
  • FIG. 2 shows a sketch which symbolically represents an arrangement of lock and key. This arrangement is preferably used in an immobilizer of a motor vehicle.
  • A lock 201 requires authentication of a key 202 via a predetermined communication channel 203. The information transmitted on the communication channel can be found in the flow chart from FIG.
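
The lock/key exchange of steps 103 to 114, as an added example that is not code from the patent. It assumes the one-way function is squaring modulo n = p·q, which the text implies ("four roots", "the root which is itself a square") but whose formula is missing from this page; the toy primes 7 and 11 and all function and class names are constructed for illustration.

```python
# Added illustration, not code from the patent. Assumptions: the one-way
# function is f(x) = x^2 mod n, and P, Q are constructed toy primes
# (a real modulus would use large secret primes).
from itertools import product

P, Q = 7, 11      # the key's secret (trapdoor); both are 3 mod 4
N = P * Q         # the lock stores only N and the current component K_i

def f(x, n=N):
    """Forward iteration, computable by anyone who knows n."""
    return x * x % n

def four_roots(k, p=P, q=Q):
    """All square roots of k modulo p*q, found with the trapdoor (p, q)."""
    rp = pow(k, (p + 1) // 4, p)      # a root mod p, valid because p = 3 mod 4
    rq = pow(k, (q + 1) // 4, q)
    if rp * rp % p != k % p or rq * rq % q != k % q:
        raise ValueError("k has no square root modulo n")
    cp = q * pow(q, -1, p)            # CRT weight: 1 mod p, 0 mod q
    cq = p * pow(p, -1, q)            # CRT weight: 0 mod p, 1 mod q
    signs = product((rp, p - rp), (rq, q - rq))
    return sorted({(a * cp + b * cq) % (p * q) for a, b in signs})

def is_square(x, p=P, q=Q):
    """Euler's criterion modulo both primes; needs the trapdoor."""
    return pow(x, (p - 1) // 2, p) == 1 and pow(x, (q - 1) // 2, q) == 1

def predecessor(k):
    """Key side, step 107: the one root of K_i that is itself a square."""
    (root,) = [r for r in four_roots(k) if is_square(r)]
    return root

class Lock:
    """First instance: holds n and K_i, never p or q."""
    def __init__(self, n, k):
        self.n, self.k = n, k

    def verify(self, response):
        """Steps 109-114: accept iff f(response) == K_i, then advance."""
        if not 0 < response < self.n or f(response, self.n) != self.k:
            return False              # step 111: state is left unchanged
        self.k = response             # step 114: K_{i-1} becomes the new K_i
        return True

def run_rounds(start, rounds):
    """Repeated authentication; returns the responses the key sent."""
    lock, sent = Lock(N, start), []
    for _ in range(rounds):
        response = predecessor(lock.k)     # steps 105-108
        if not lock.verify(response):
            raise RuntimeError("authentication failed")
        sent.append(response)
    return sent

if __name__ == "__main__":
    print(four_roots(9), predecessor(9), run_rounds(9, 3))
```

A response captured in one round is rejected in the next, because the lock has already advanced to it as the new K_i. The lock keeps a single component in memory, which is the storage advantage the description claims.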

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mechanical Engineering (AREA)
  • Signal Processing (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The invention relates to a method that enables authentication of a first instance (key) with respect to a second instance (lock). To this end, a first component of a sequence of numbers determined by an iterated one-way function is transmitted from the lock to the key. Using a trapdoor, the predecessor component is determined by the key and sent back to the lock. The lock checks whether the predecessor component is correct. If it is, the key is successfully authenticated to the lock; otherwise the authentication fails.
PCT/DE1999/001234 1998-04-29 1999-04-26 Authentication method Ceased WO1999055991A2 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP99927720A EP1078139A2 (fr) 1998-04-29 1999-04-26 Authentication method
JP2000546123A JP2002513220A (ja) 1998-04-29 1999-04-26 Authentication method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE19819232.0 1998-04-29
DE19819232 1998-04-29

Publications (2)

Publication Number Publication Date
WO1999055991A2 (fr) 1999-11-04
WO1999055991A3 (fr) 1999-12-16

Family

ID=7866225

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/DE1999/001234 Ceased WO1999055991A2 (fr) 1998-04-29 1999-04-26 Authentication method

Country Status (3)

Country Link
EP (1) EP1078139A2 (fr)
JP (1) JP2002513220A (fr)
WO (1) WO1999055991A2 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1172776A3 (fr) * 2000-07-15 2002-10-16 ED Vision (Holdings) Limited Certified authentication method
WO2002021469A3 (fr) * 2000-09-05 2002-11-28 Ed Vision Holdings Ltd Interactive authentication method
FR2834578A1 (fr) * 2002-01-04 2003-07-11 Somfy Method for successive authentications of one unit by another

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3122534C1 (de) * 1981-06-05 1983-03-31 The Grey Lab. Establishment, 9490 Vaduz Method for producing and checking documents, and document and device for carrying out the method
GB2102606B (en) * 1981-06-19 1985-01-30 Nat Res Dev Apparatus and methods for making payments electronically
FR2536928B1 (fr) * 1982-11-30 1989-10-06 France Etat System for encrypting and decrypting information, of the type using a public-key decryption system
FR2706210B1 (fr) * 1993-06-08 1995-07-21 Bull Cp8 Method for authenticating a portable object by an offline terminal, and corresponding portable object and terminal.
FR2745135B1 (fr) * 1996-02-15 1998-09-18 Cedric Colnot Method for having a server authorise access to a service from portable devices with electronic microcircuits, e.g. of the memory card type

Also Published As

Publication number Publication date
EP1078139A2 (fr) 2001-02-28
JP2002513220A (ja) 2002-05-08
WO1999055991A3 (fr) 1999-12-16

Similar Documents

Publication Publication Date Title
DE69920875T2 (de) Device and method for computing a digital signature
EP0472714B1 (fr) Method for authenticating a user using a data station
DE69408176T2 (de) Method for managing secret keys between two smart cards
DE69333068T2 (de) Method for extending the validity of a cryptographic certificate
DE69613409T2 (de) Method and device for secure anonymous message transmission and electronic voting
DE60017845T2 (de) Minimising discontinuous transmission in a mobile telecommunications system
DE69934403T2 (de) Method and device for digital channelisation and dechannelisation
EP0384475A1 (fr) Method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system
DE69735290T2 (de) Method for asymmetric cryptographic communication and associated portable object
DE19718827C2 (de) Method and device for authenticating mobile radio subscribers
DE4242151C1 (de) Method for protecting a mobile radio device against unauthorised use
DE60207860T2 (de) Method and apparatus for providing timing information in a wireless communication system
DE102004037801B4 (de) Method for secure data transmission
DE10110049A1 (de) Method and device for data encryption when programming control units
EP0739108B1 (fr) Method for signing a message using public-key cryptography
WO1999055991A2 (fr) Authentication method
EP2730050B1 (fr) Method for creating and verifying an electronic pseudonymous signature
DE102004049026B4 (de) Method for authenticating elements of a group
WO2011110318A1 (fr) Method for authenticating a portable data carrier
EP2337293B1 (fr) Devices, methods and signals for OFDM coding
WO2000018061A1 (fr) Method for authenticating at least one subscriber during a data exchange
EP1232599B1 (fr) Device for generating a digitally modulated test signal
DE69600143T2 (de) Zero-knowledge digital signature method for producing collision-resistant signatures
DE60300278T2 (de) Method for transmitting signalling information in a multi-carrier radio transmission network
DE102004064108B4 (de) Method and circuit for limiting the power of a signal composed of spread-coded signals

Legal Events

Date Code Title Description
AK Designated states. Kind code of ref document: A2. Designated state(s): JP US
AL Designated countries for regional patents. Kind code of ref document: A2. Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE
AK Designated states. Kind code of ref document: A3. Designated state(s): JP US
AL Designated countries for regional patents. Kind code of ref document: A3. Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE
121 EP: the EPO has been informed by WIPO that EP was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (PCT application filed before 20040101)
WWE WIPO information: entry into national phase. Ref document number: 1999927720. Country of ref document: EP
WWE WIPO information: entry into national phase. Ref document number: 09674218. Country of ref document: US
WWP WIPO information: published in national office. Ref document number: 1999927720. Country of ref document: EP
WWW WIPO information: withdrawn in national office. Ref document number: 1999927720. Country of ref document: EP