US2011317840A1PendingUtilityA1

System and method of performing authentication

47
Assignee: CIET MATHIEUPriority: May 7, 2008Filed: Sep 1, 2011Published: Dec 29, 2011
Est. expiryMay 7, 2028(~1.8 yrs left)· nominal 20-yr term from priority
H04L 2209/24H04L 9/50H04L 2209/80H04L 9/3242
47
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Disclosed herein are systems, method and computer readable medium for providing authentication of an entity B by an entity A. In the method, entity A selects a value p, a range [a, b] and a granularity epsilon. Entity A sends p, [a, b], and epsilon to entity B. Entity B initializes a value y B =0 and for each x in {a, a+epsilon, . . . , b−epsilon, b} and computes z=E(x)*x. The function E(x) is an encryption scheme and the multiplication is carried out mod p. Entity B updates y B =y B +z. After processing each x, entity B sends y B to entity A. Entity A performs the same calculation and generates a y A value and compares y A with y B . If y B =y A , Entity A authenticate entity B. In one aspect, a light HMAC scheme splits an input x into n blocks with key expansion.

Claims

exact text as granted — not AI-modified
1 . A method comprising:
 splitting an input x into n number of x i  blocks;   initializing an input key RK[0]=k;   initializing y=0;   performing key expansion by, for each p in {1 . . . L−1}, computing round keys as RK[p]=R(RK[p−1]);   generating an updated y as follows:
 for each i in {0 . . . (n−1)}:
 setting y=y XOR x i ; 
 for each j in {0 . . . L−1}:
 computing y=R(y); and 
 setting y=y XOR RK[j]; 
 
 setting y=R(y); and 
 
 outputting y for use in authentication. 
   
     
     
         2 . The method of  claim 1 , wherein performing key expansion further comprises, for each round key:
 performing a function g i  that performs steps comprising:
 receiving a first set of bits and outputs a second set of bits; and 
 processing the first set of bits by concatenating members of the first set and XORing the concatenation with a constant, and (3) generates an output from g i ; 
   performing a function G i  that performs steps comprising:
 compressing the output from g i ; and 
 generating compressed output from G i ; and 
   exclusive or'ing the compressed output from G i  with the first set of bits to generate a respective round key.   
     
     
         3 . The method of  claim 2 , wherein g i  comprises:
     g   i ( x   0   ,x   1   ,c )=((( x   0   ∥x   1   +c ) 2 XOR  cst   i  XOR((( x   0   ∥x   1   +c )>>16) 2 )mod 2 32 .   
     
     
         4 . The method of  claim 3 , wherein G i  comprises:
     G   i ( x   0   ,x   1   ,x   2   ,x   3   ,c )=[((( x   0   ∥x   1   +c ) 2 XOR  csti   i  XOR((( x   0   ∥x   1   +c ) 2 >>32))+((( x   2   ∥x   3 )+ c ) 2 XOR  csti   i  XOR(( x   2   ∥x   3 )+ c ) 2 >>32))] mod 2 32 .   
     
     
         5 . The method of  claim 4 , wherein cst i  and csti i  are constant values depending on i, and wherein each x i  comprises 2 bytes of data. 
     
     
         6 . A method comprising:
 initializing an input key RK[0]=k;   initializing y=0;   performing key expansion by generating a table of round keys for a pre-determined number of rounds L, wherein the key expansion function comprises, for each round key:
 performing a function g i  that concatenates members of a first set of bits and XORs the concatenated members with a constant to generate a second set of bits; 
 performing a function G i  that compresses the second set of bits from g i  and generates compressed output; and 
 exclusive or'ing the compressed output with the first set of bits to generate a respective round key; 
   generating an updated y by using the table of round keys in an iterative application of an encryption scheme; and   storing y for use in authentication.   
     
     
         7 . The method of  claim 6 , wherein multiple iterations of the function g i  occur with each round. 
     
     
         8 . The method of  claim 6 , wherein g i  comprises:
     g   i ( x   0   ,x   1   ,c )=((( x   0   ∥x   1   +c ) 2 XOR  cst   i  XOR((( x   0   ∥x   1   +c )>>16) 2 )mod 2 32 .   
     
     
         9 . The method of  claim 8 , wherein G i  comprises:
     G   i ( x   0   ,x   1   ,x   2   ,x   3   ,c )=[((( x   0   ∥x   1   +c ) 2 XOR  csti   i  XOR((( x   0   ∥x   1   +c ) 2 >>32))+((( x   2   ∥x   3 )+ c ) 2 XOR  csti   i  XOR(( x   2   ∥x   3 )+ c ) 2 >>32))] mod 2 32 .   
     
     
         10 . A system comprising:
 a processor;   a memory storing instructions for controlling the processor to perform steps comprising:
 receiving an input x that comprises a set of x i  blocks; 
 performing key expansion by, for i=1 to L−1, computing round keys as RK[i]=R(RK[i−1]), wherein RK[0] is an input key having a value k; 
 generating an updated y as follows:
 for i=0 to (n−1):
 setting y=y XOR x i  wherein y has an initial value of 0; 
 for j=0 to L−1: 
  computing y=R(y); and 
  setting y=y XOR RK[j]; 
 setting y=R(y); and 
 
 
 outputting y for use in authentication. 
   
     
     
         11 . The system of  claim 10 , wherein performing key expansion further comprises, for each round key:
 performing a function g i  that (1) receives a first set of bits and outputs a second set of bits, (2) processes the first set of bits by concatenating members of the first set and XORing the concatenation with a constant, and (3) generates an output from g i ;   performing a function G i  that compresses the output from g i  and generates compressed output from G i ; and   XORing the compressed output from G i  with the first set of bits to generate a respective round key.   
     
     
         12 . The system of  claim 11 , wherein g i  comprises:
     g   i ( x   0   ,x   1   ,c )=((( x   0   ∥x   1   +c ) 2 XOR  cst   i  XOR((( x   0   ∥x   1   +c )>>16) 2 )mod 2 32 .   
     
     
         13 . The system of  claim 12 , wherein G i  comprises:
     G   i ( x   0   ,x   1   ,x   2   ,x   3   ,c )=[((( x   0   ∥x   1   +c ) 2 XOR  csti   i  XOR((( x   0   ∥x   1   +c ) 2 >>32))+((( x   2   ∥x   3 )+ c ) 2 XOR  csti   i  XOR(( x   2   ∥x   3 )+ c ) 2 >>32))] mod 2 32 .   
     
     
         14 . The system of  claim 13 , wherein cst i  and csti i  are constant values depending on i, and wherein each x i  comprises 2 bytes of data. 
     
     
         15 . A system comprising:
 a processor;   a memory storing instructions for controlling the processor to perform steps comprising:
 performing key expansion on an input key by generating a table of round keys for a pre-determined number of rounds L, wherein the key expansion function comprises, for each round key:
 performing a function g i  that concatenates members of a first set of bits and exclusive or's the members with a constant to generate a second set of bits; 
 performing a function G i  that compresses the second set of bits from g i  to yield compressed output; and 
 exclusive or'ing the compressed output with the first set of bits to generate a respective round key; 
 
 generating an updated output value by using the table of round keys in an iterative application of an encryption scheme; and 
 storing the updated output value in an authentication database. 
   
     
     
         16 . The system of  claim 15 , wherein multiple iterations of the function g i  occur with each round. 
     
     
         17 . The system of  claim 15 , wherein g i  comprises:
     g   i ( x   0   ,x   1   ,c )=((( x   0   ∥x   1   +c ) 2 XOR  cst   i  XOR((( x   0   ∥x   1   +c )>>16) 2 )mod 2 32 .   
     
     
         18 . The system of  claim 17 , wherein G i  comprises:
     G   i ( x   0   ,x   1   ,x   2   ,x   3   ,c )=[((( x   0   ∥x   1   +c ) 2 XOR  csti   i  XOR((( x   0   ∥x   1   +c ) 2 >>32))+((( x   2   ∥x   3 )+ c ) 2 XOR  csti   i  XOR(( x   2   ∥x   3 )+ c ) 2 >>32))] mod 2 32 .   
     
     
         19 . A non-transitory computer-readable storage medium storing instructions which, when executed by a computing device, cause the computing device to perform steps comprising:
 receiving an input x having x i  blocks;   performing key expansion by computing, for i=1 to L−1, iteration keys as RK[i]=R(RK[i−1]), wherein RK[0] is an input key having a value k;   generating an updated y as follows:
 for i=0 to (n−1):
 setting y=y XOR x i , wherein y has an initial value of 0; 
 for j=0 to L−1:
 computing y=R(y); and 
 setting y=y XOR RK[j]; 
 
 setting y=R(y); and 
 
   storing y in an authentication database.   
     
     
         20 . The non-transitory computer-readable storage medium of  claim 19 , wherein performing key expansion further comprises, for each iteration key:
 performing a function g i  that (1) receives a first set of bits and outputs a second set of bits, (2) processes the first set of bits by concatenating members of the first set and XORing the concatenation with a constant, and (3) generates an output from g i ;   performing a function G i  that compresses the output from g i  and generates compressed output from G i ; and   XORing the compressed output from G i  with the first set of bits to generate a respective iteration key.   
     
     
         21 . The non-transitory computer-readable storage medium of  claim 20 , wherein g i  comprises:
     g   i ( x   0   ,x   1   ,c )=((( x   0   ∥x   1   +c ) 2 XOR  cst   i  XOR((( x   0   ∥x   1   +c )>>16) 2 )mod 2 32 .   
     
     
         22 . The non-transitory computer-readable storage medium of  claim 21 , wherein G i  comprises:
     G   i ( x   0   ,x   1   ,x   2   ,x   3   ,c )=[((( x   0   ∥x   1   +c ) 2 XOR  csti   i  XOR((( x   0   ∥x   1   +c ) 2 >>32))+((( x   2   ∥x   3 )+ c ) 2 XOR  csti   i  XOR(( x   2   ∥x   3 )+ c ) 2 >>32))] mod 2 32 .   
     
     
         23 . A non-transitory computer-readable storage medium storing instructions which, when executed by a computing device, cause the computing device to perform steps comprising:
 performing key expansion on an input key by generating a table of iteration keys for L iterations, wherein the key expansion comprises, for each iteration key:
 concatenating a first set of bits and exclusive or'ing the first set of bits with a constant to generate a second set of bits; 
 compressing the second set of bits to yield compressed bits; and 
 exclusive or'ing the compressed bits with the first set of bits to generate a respective iteration key; 
   generating an updated output value by iteratively applying the table of iteration keys in an encryption scheme; and   storing the updated output value in an authentication database.   
     
     
         24 . The non-transitory computer-readable storage medium of  claim 23 , wherein multiple iterations of concatenating the first set of bits occur with each iteration. 
     
     
         25 . The non-transitory computer-readable storage medium of  claim 24 , wherein exclusive or'ing the first set of bits comprises:
     g   i ( x   0   ,x   1   ,c )=((( x   0   ∥x   1   +c ) 2 XOR  cst   i  XOR((( x   0   ∥x   1   +c )>>16) 2 )mod 2 32 .

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.