| 摘要 |
The present invention relates to a method to authenticate two devices (D1,D2) to establish a secure channel (SC Ks ), one belonging to a first group (G1) of devices, the second belonging to a second group (G2) of devices, in a non-traceable manner without necessitating to share secret, each group (Gx) being authenticated by an authority (AUx) that stores a group secret key (Kx) into the devices (Dx) under its authority, The method uses a set of authentication tokens (ATx'), one for each of the other groups (Gx') with which the device (Dx) is intended to communicate, said authentication token (ATx') comprising at least a random number (Rx') and a cipher (Cx') of at least this random number (R') by the secret key (AKx') of each of these other groups (Gx'), said authentication tokens (ATx) being further renewed at each communication with a device (Dx') from another group (Gx'). |
