1. WO1996005675 - USER AUTHENTICATION IN A COMMUNICATIONS NETWORK

Publication Number WO/1996/005675
Publication Date 22.02.1996
International Application No. PCT/GB1995/001937
International Filing Date 16.08.1995
Chapter 2 Demand Filed 14.03.1996
IPC
  • H04L 9/32 2006.01: H ELECTRICITY > 04 ELECTRIC COMMUNICATION TECHNIQUE > L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > 9 Arrangements for secret or secure communication > 32 including means for verifying the identity or authority of a user of the system
  • H04Q 3/00 2006.01: H ELECTRICITY > 04 ELECTRIC COMMUNICATION TECHNIQUE > Q SELECTING > 3 Selecting arrangements
CPC
  • H04L 2209/56: H ELECTRICITY > 04 ELECTRIC COMMUNICATION TECHNIQUE > L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > 2209 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00 > 56 Financial cryptography, e.g. electronic payment or e-cash
  • H04L 63/0428: H ELECTRICITY > 04 ELECTRIC COMMUNICATION TECHNIQUE > L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > 63 Network architectures or network communication protocols for network security > 04 for providing a confidential data exchange among entities communicating through data packet networks > 0428 wherein the data content is protected, e.g. by encrypting or encapsulating the payload
  • H04L 63/08: H ELECTRICITY > 04 ELECTRIC COMMUNICATION TECHNIQUE > L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > 63 Network architectures or network communication protocols for network security > 08 for supporting authentication of entities communicating through a packet data network
  • H04L 9/0822: H ELECTRICITY > 04 ELECTRIC COMMUNICATION TECHNIQUE > L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > 9 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication > 08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords > 0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use > 0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) > 0822 using key encryption key
  • H04L 9/3271: H ELECTRICITY > 04 ELECTRIC COMMUNICATION TECHNIQUE > L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > 9 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication > 32 including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials > 3271 using challenge-response
  • H04Q 2213/13339: H ELECTRICITY > 04 ELECTRIC COMMUNICATION TECHNIQUE > Q SELECTING > 2213 Indexing scheme relating to selecting arrangements in general and for multiplex systems > 13339 Ciphering, encryption, security
Applicants
  • BRITISH TELECOMMUNICATIONS PUBLIC LIMITED COMPANY [GB]/[GB] (AllExceptUS)
  • HARDING, Peter, Maxwell [GB]/[GB] (UsOnly)
  • HICKS, Richard, Middleton [GB]/[GB] (UsOnly)
  • KINGAN, Jonathan, James [GB]/[GB] (UsOnly)
  • MEYERSTEIN, Michael, Victor [GB]/[GB] (UsOnly)
  • NOLDE, Keith, Eric [GB]/[GB] (UsOnly)
  • RABSON, John [GB]/[GB] (UsOnly)
  • RANGER, Jonathan, Crispin [GB]/[GB] (UsOnly)
  • ROBERTS, David, Anthony [GB]/[GB] (UsOnly)
  • STIRLAND, Mark, Jonathan [GB]/[GB] (UsOnly)
  • SWALE, Richard, Paul [GB]/[GB] (UsOnly)
Inventors
  • HARDING, Peter, Maxwell
  • HICKS, Richard, Middleton
  • KINGAN, Jonathan, James
  • MEYERSTEIN, Michael, Victor
  • NOLDE, Keith, Eric
  • RABSON, John
  • RANGER, Jonathan, Crispin
  • ROBERTS, David, Anthony
  • STIRLAND, Mark, Jonathan
  • SWALE, Richard, Paul
Agents
  • PRATT, David, Martin
  • LLOYD, Barry, George, William
Priority Data
9416595.8 17.08.1994 GB
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) USER AUTHENTICATION IN A COMMUNICATIONS NETWORK
(FR) AUTHENTIFICATION DES UTILISATEURS DANS UN RESEAU DE COMMUNICATION
Abstract
(EN)
An authentication system of a terminal on a public switched telephone network comprises a security node associated with a local exchange (10) and a network terminal (14). For one-way authentication, the terminal (14) responds to a call initiation by sending a unique authentication code (R) comprising a number (m) and a secret key (Sj) encrypted according to a first algorithm (F), the secret key being specific to the terminal. The security node constructs the expected authentication code (E) from the number (m), using the first algorithm (F) and a second key which is a function of a terminal identification number (TN), and compares the expected code (E) with the received code (R). In two-way authentication, the security node responds to the call initiation by sending a transaction number (n) to the terminal (14) encrypted according to a second algorithm (fj). The terminal (14) generates the authentication code (R) as a function of the first algorithm (F), the secret key (Sj) and the transaction number (n). The authentication code (R) is sent back to the security node. An expected code (E) is compared with the received one (R) in the same way. In both cases, a match between expected and received authentication codes (E and R) constitutes authentication of the terminal (14), allowing the user access to the network.
(FR)
Système d'authentification d'un terminal d'un réseau téléphonique public commuté, qui comprend un noeud de sécurité associé à un central local (10) et à un terminal (14) de réseau. Pour l'authentification unidirectionnelle, le terminal (14) répond à un lancement d'appel en envoyant un code (R) d'authentification unique comportant un numéro (m) et une clé secrète (Sj) codée selon un premier algorithme (F), la clé secrète étant spécifique à ce terminal. Le noeud de sécurité construit le code (E) d'authentification attendu à partir du numéro (m), en utilisant le premier algorithme (F) et une seconde clé qui est une fonction d'un numéro d'identification de terminal (TN), et compare le code attendu (E) au code reçu (R). Dans l'authentification bidirectionnelle, le node de sécurité répond au lancement d'appel en envoyant un numéro (n) de transaction au terminal (14), codé selon un second algorithme (fj). Ledit terminal (14) génère le code d'authentification (R) en tant que fonction du premier algorithme (F), de la clé secrète (Sj) et du numéro de transaction (n). Le code d'authentification (R) est renvoyé au noeud de sécurité. Un code attendu (E) est comparé avec le code reçu (R) de la même manière. Dans les deux cas, une correspondance entre les codes d'authentification attendu et reçu (E et R) constitue l'authentification du terminal (14), ce qui permet à l'utilisateur d'accéder au réseau.
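The two exchanges described in the abstract, as an added sketch that is not taken from the patent: HMAC-SHA256 stands in for the first algorithm F, the node derives the terminal key from TN with an assumed master key, and the node rejects a repeated m, which is an assumption the abstract does not state. The encryption of n under the second algorithm (fj) is left out, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

NODE_MASTER_KEY = b"constructed-demo-master-key"  # assumption: held only by the node

def derive_key(tn: str) -> bytes:
    """Second key as a function of the terminal number TN (assumed derivation)."""
    return hmac.new(NODE_MASTER_KEY, tn.encode(), hashlib.sha256).digest()

def F(key: bytes, number: int) -> bytes:
    """Stand-in for the first algorithm F: a keyed MAC over the number."""
    return hmac.new(key, number.to_bytes(8, "big"), hashlib.sha256).digest()

class Terminal:
    def __init__(self, tn: str, sj: bytes):
        self.tn, self.sj, self.m = tn, sj, 0

    def one_way(self):
        """One-way mode: send TN, a fresh number m and R = F(Sj, m)."""
        self.m += 1
        return self.tn, self.m, F(self.sj, self.m)

    def respond(self, n: int):
        """Two-way mode: answer the node's transaction number n with R = F(Sj, n)."""
        return self.tn, F(self.sj, n)

class SecurityNode:
    def __init__(self):
        self.last_m = {}   # highest m accepted per terminal (assumed replay check)
        self.pending = {}  # outstanding transaction number per terminal

    def check_one_way(self, tn: str, m: int, r: bytes) -> bool:
        e = F(derive_key(tn), m)  # expected code E
        if m <= self.last_m.get(tn, 0) or not hmac.compare_digest(e, r):
            return False
        self.last_m[tn] = m
        return True

    def challenge(self, tn: str) -> int:
        n = secrets.randbits(64)  # unpredictable transaction number
        self.pending[tn] = n
        return n

    def check_response(self, tn: str, r: bytes) -> bool:
        n = self.pending.pop(tn, None)  # each n is valid for one response only
        return n is not None and hmac.compare_digest(F(derive_key(tn), n), r)
```

In the one-way mode a captured (m, R) pair stays valid unless the node tracks m; in the two-way mode the node's fresh n is what makes a recorded R useless.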
Also published as
FI970629
NO19970692
NZ290931
Other related publications
Latest bibliographic data on file with the International Bureau