[go: up one dir, main page]

FI20051023L - Method, apparatus and arrangement for authenticating a connection using a portable device - Google Patents

Method, apparatus and arrangement for authenticating a connection using a portable device Download PDF

Info

Publication number
FI20051023L
FI20051023L FI20051023A FI20051023A FI20051023L FI 20051023 L FI20051023 L FI 20051023L FI 20051023 A FI20051023 A FI 20051023A FI 20051023 A FI20051023 A FI 20051023A FI 20051023 L FI20051023 L FI 20051023L
Authority
FI
Finland
Prior art keywords
server system
challenge
response
authenticating
connection
Prior art date
Application number
FI20051023A
Other languages
Finnish (fi)
Swedish (sv)
Other versions
FI20051023A0 (en
FI20051023A7 (en
Inventor
Kimmo Ikonen
Markku Suominen
Original Assignee
Meridea Financial Software Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Meridea Financial Software Oy filed Critical Meridea Financial Software Oy
Priority to FI20051023A priority Critical patent/FI20051023A7/en
Publication of FI20051023A0 publication Critical patent/FI20051023A0/en
Priority to PCT/FI2006/000329 priority patent/WO2007042608A1/en
Publication of FI20051023L publication Critical patent/FI20051023L/en
Publication of FI20051023A7 publication Critical patent/FI20051023A7/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Coupling Device And Connection With Printed Circuit (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)

Abstract

A portable electronic device (311) is used for authenticating a connection between a remote computer and a server system (301). The device (311) receives a challenge from the server system (301), reads (511) from the challenge a piece of challenge data that describes a transaction to be executed at the server system (301) and outputs (513) said challenge data to a user. In generating a response to the challenge there is included response data that describes said transaction to be executed at the server system in the response. The response is digitally signed (601) using said response data and a shared secret that is known to the server system (301) and to the portable electronic device (311).
FI20051023A 2005-10-11 2005-10-11 Method, devices and arrangement for authenticating a connection using a portable device FI20051023A7 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
FI20051023A FI20051023A7 (en) 2005-10-11 2005-10-11 Method, devices and arrangement for authenticating a connection using a portable device
PCT/FI2006/000329 WO2007042608A1 (en) 2005-10-11 2006-10-10 Method, devices and arrangement for authenticating a connection using a portable device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
FI20051023A FI20051023A7 (en) 2005-10-11 2005-10-11 Method, devices and arrangement for authenticating a connection using a portable device

Publications (3)

Publication Number Publication Date
FI20051023A0 FI20051023A0 (en) 2005-10-11
FI20051023L true FI20051023L (en) 2007-04-12
FI20051023A7 FI20051023A7 (en) 2007-04-12

Family

ID=35185164

Family Applications (1)

Application Number Title Priority Date Filing Date
FI20051023A FI20051023A7 (en) 2005-10-11 2005-10-11 Method, devices and arrangement for authenticating a connection using a portable device

Country Status (2)

Country Link
FI (1) FI20051023A7 (en)
WO (1) WO2007042608A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2977418B1 (en) * 2011-06-28 2013-06-28 Alcatel Lucent AUTHENTICATION SYSTEM VIA TWO COMMUNICATION DEVICES
US12432071B2 (en) * 2020-07-15 2025-09-30 Micron Technology, Inc. Secure serial peripheral interface (SPI) flash

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040015725A1 (en) * 2000-08-07 2004-01-22 Dan Boneh Client-side inspection and processing of secure content
FR2821225B1 (en) * 2001-02-20 2005-02-04 Mobileway REMOTE ELECTRONIC PAYMENT SYSTEM
WO2003049364A1 (en) * 2001-12-04 2003-06-12 Conceptm Company Limited System and method for facilitating electronic financial transactions using a mobile telecommunication device
EP1504588A4 (en) * 2002-04-28 2005-10-26 Paycool Int Ltd System to enable a telecom operator provide financial transactions services and methods for implementing such transactions
AU2003293381A1 (en) * 2002-12-03 2004-06-23 Funk Software, Inc. Tunneled authentication protocol for preventing man-in-the-middle attacks

Also Published As

Publication number Publication date
WO2007042608A1 (en) 2007-04-19
FI20051023A0 (en) 2005-10-11
FI20051023A7 (en) 2007-04-12

Similar Documents

Publication Publication Date Title
ATE445195T1 (en) PERSONAL TOKEN AND CONTROLLED AUTHENTICATION METHOD
TWI265418B (en) Methods and systems for authentication of components in a graphics system
WO2009025605A3 (en) Device and method for generating dynamic credit card data
WO2005086569A3 (en) System, method and apparatus for electronic authentication
WO2007000652A3 (en) System and method of secure online transactions using portable secure network devices
IN2009CN02956A (en)
EP1775673A3 (en) Token authentication system
EP1914657A3 (en) Authentication system, authentication-service-providing device, authentication-service-providing method, and program
WO2004042540A3 (en) Methods and apparatus for dynamic user authentication
WO2007026228A3 (en) Secure delegation of trust
DE602004012996D1 (en) METHOD AND DEVICE FOR AUTHENTICATING USERS AND WEBSITES
NO20020652D0 (en) User interface
WO2009034815A1 (en) Account management system, base account management device, derivative account management device and program
BR112014025965A2 (en) system and method for verification and authentication of data and identity
DE602005010068D1 (en) CERTIFICATE validity
WO2008095011A3 (en) Methods and systems for authentication of a user
GB2463412A (en) Using an authentication ticket to initialize a computer
GB2521802A (en) Reissue of crypographic credentials
NO20042691L (en) Procedure for generating and verifying an electronic signature
DK1455257T3 (en) System for connecting secrets to a computer system with tolerance for hardware changes
MY141019A (en) Challenge-based authentication without requiring knowledge of secret authentication
TW200709639A (en) Authentication method, authentication apparatus, and computer product
FI20051023A0 (en) A method, apparatus, and arrangement for authenticating a connection using a portable device
TW200943121A (en) A burglarproof method and system for portable computer devices
UA96933C2 (en) System and method for query and issuing of authorization document

Legal Events

Date Code Title Description
MA Patent expired