Title Challenge-response authentication of a cryptographic device
Abstract In conjunction with a registration mode of operation, a first cryptographic device in one embodiment sends challenges to a second cryptographic device comprising a symmetric-key cryptographic module or other key-based cryptographic module that utilizes one or more secret keys. The first cryptographic device receives from the second cryptographic device responses to respective ones of the challenges, and stores information characterizing the responses. In conjunction with an authentication mode of operation, the first cryptographic device sends a selected one of the challenges to the second cryptographic device, receives from the second cryptographic device a response to the selected challenge, and authenticates the second cryptographic device utilizing the response to the selected challenge and the stored information. The first cryptographic device generates the challenges and authenticates the second cryptographic device without having knowledge of the one or more secret keys of the key-based cryptographic module of the second cryptographic device.
Publication number US9154480(B1) Publication date 2015.10.06
Application number US201213711859 Application date 2012.12.12
Applicant EMC Corporation Inventor Juels Ari
Classification H04L29/06 Main classification H04L29/06
Agent Ryan, Mason & Lewis, LLP Attorney Ryan, Mason & Lewis, LLP
Main claim 1. A method performed by a first cryptographic device, comprising: in a registration mode of operation: generating a set of challenges, wherein the set of challenges comprises n randomly selected multi-bit values, wherein a given one of the n randomly selected multi-bit values comprises a k-bit randomly selected value, and wherein n and k are security parameters denoting the number of challenges generated by the first cryptographic device and the length of the given challenge generated by the first cryptographic device, respectively; sending the challenges to a second cryptographic device, the second cryptographic device comprising a key-based cryptographic module that utilizes one or more secret keys; receiving from the second cryptographic device a set of first responses, each first response corresponding to a respective one of the challenges; and storing information characterizing the first responses; and in an authentication mode of operation: sending a selected one of the challenges to the second cryptographic device; receiving from the second cryptographic device a second response to the selected challenge; and authenticating the second cryptographic device utilizing the second response and the stored information; wherein the first cryptographic device generates the challenges in the registration mode of operation without having knowledge of values of said one or more secret keys of the key-based cryptographic module of the second cryptographic device; wherein the first responses received from the second cryptographic device are based at least in part on at least one of said one or more secret keys of the key-based cryptographic module of the second cryptographic device; and wherein the first cryptographic device is configured to authenticate the second cryptographic device in the authentication mode of operation using the second response without having knowledge of the values of said one or more secret keys of the key-based cryptographic module of the second cryptographic device.
Address Hopkinton MA US
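The registration and authentication modes of the main claim, as an added example written for this page (not code from the patent or from EMC). It assumes HMAC-SHA-256 as the device's keyed response and a SHA-256 digest of each response as the verifier's stored "information characterizing the responses"; the verifier never holds the device key and retires each challenge after one use.

```python
import hashlib
import hmac
import secrets


class KeyedDevice:
    """Second cryptographic device: holds a secret key the verifier never sees."""

    def __init__(self, key: bytes):
        self._key = key  # never leaves the device

    def respond(self, challenge: bytes) -> bytes:
        # Keyed response; the verifier cannot compute this without the key.
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


class Verifier:
    """First cryptographic device: registers challenges, later checks one."""

    def __init__(self, n: int = 8, k: int = 128):
        self.n, self.k = n, k  # security parameters n and k from the claim
        self.table: dict[bytes, bytes] = {}  # challenge -> digest of its response

    def register(self, device: KeyedDevice) -> None:
        # Registration mode: n random k-bit challenges; store only a digest
        # of each response, so a leaked table does not yield valid responses.
        for _ in range(self.n):
            c = secrets.token_bytes(self.k // 8)
            self.table[c] = hashlib.sha256(device.respond(c)).digest()

    def authenticate(self, device: KeyedDevice) -> bool:
        # Authentication mode: pick an unused challenge, compare digests in
        # constant time, and retire the challenge so a captured response
        # cannot be replayed against it later.
        if not self.table:
            raise RuntimeError("challenges exhausted; run registration again")
        c = secrets.choice(list(self.table))
        expected = self.table.pop(c)
        actual = hashlib.sha256(device.respond(c)).digest()
        return hmac.compare_digest(actual, expected)


def demo() -> tuple[bool, bool]:
    # Constructed keys; the verifier is never given either of them.
    genuine = KeyedDevice(secrets.token_bytes(32))
    impostor = KeyedDevice(secrets.token_bytes(32))
    v = Verifier(n=4, k=128)
    v.register(genuine)
    return v.authenticate(genuine), v.authenticate(impostor)
```

Running `demo()` returns `(True, False)`: the genuine device passes, a device with a different key fails, and each call consumes one registered challenge.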