Use of personal device for convenient and secure authentication
Опубликовано: 23-10-2019
Автор(ы): HongQian Karen Lu, Michael Hutchinson
Принадлежит: THALES DIS FRANCE SA
Реферат: The present invention relates to a method to authenticate a user (US) using an authenticator (PIN) at an access device (AD) using another registered device named personal device (PD), said authenticator (PIN) being stored by the access device (AD) after registration (steps Si) of the personal device (PD) comprising a double encryption using an access device's secret key (SK(AD)) and a personal device's public key (PK(PD)) to be retrieved (T10) at each request of authentication (T4) received from the personal device (PD), encrypted (T12) using a session key (Ks) and sent (T14) with the session key (Ks) encrypted (T13) using the personal device's public key (PK(PD)) to the personal device (PD) for partial decryption (T18,T20) using the decrypted (T17) session key (Ks) and the personal device's private key (SK(PD)), re- encryption (T21 ) using the session key (Ks) and sending back (T23) to the access device (AD) for total decryption (T25,T26) of the authenticator (PIN), using the session key (Ks) and the access device's secret key (SK(AD)), and use of the thus decrypted authenticator (PIN) to authenticate at the access device (AD).
Use of personal device for convenient and secure authentication
Номер патента: WO2018108456A1. Автор: Michael Hutchinson,HongQian Karen Lu. Владелец: GEMALTO SA. Дата публикации: 2018-06-21.