Methods and apparatus for device authentication with one-time credentials

摘要

An automated method for authenticating a proving device to a verifying device involves an elliptic curve formula (ECF) for a predetermined elliptic curve associated with a proving device. According to one example method, the prover sends the verifier a message containing a first proof value (P2). The verifier determines whether P2 is a point on the elliptic curve associated with the proving device. If P2 is not on the elliptic curve, the verifier may determine that the proving device should not be trusted. The message may further comprise a second proof value (K1), and the verifier may automatically determine whether K1 corresponds to P1, based on a previous point (P0) on the elliptic curve. If K1 does not correspond to P1, the verifier may determine that the proving device should not be trusted. Other embodiments are described and claimed.

主权项

1. At least one non-transitory machine accessible medium comprising computer instructions for authenticating a proving device, wherein the computer instructions, in response to being executed on a data processing system, enable the data processing system to operate as a verifying device to perform a method comprising:
receiving an authentication message from a proving device, wherein the authentication message comprises a proof value and a current integer factor (K1), and wherein the proof value comprises a new point (P2) on a predetermined elliptic curve associated with the proving device; before receiving the authentication message from the proving device, receiving, from the proving device, a previous point (P0) on the predetermined elliptic curve and a current point (P1) on the predetermined elliptic curve; automatically determining whether the proof value from the proving device is on the predetermined elliptic curve associated with the proving device, based at least in part on an elliptic curve formula (ECF) for the predetermined elliptic curve; after receiving the authentication message from the proving device, using P0 and P1 from the proving device to automatically determine whether K1*P0=P1, wherein * denotes scalar multiplication on the predetermined elliptic curve; and automatically determining whether the proving device should be trusted, based at least in part on the determination of whether the proof value from the proving device is on the predetermined elliptic curve associated with the proving device, and based at least in part on the determination of whether K1*P0=P1.