METHOD FOR AUTHENTICATION, RF CHIP DOCUMENT, RF CHIP READER AND COMPUTER PROGRAM PRODUCTS

摘要

A method for authentication for trustworthy communication between a first party (A) and a second party (B) is intended to be provided in efficient and secure form. To this end, a combination of password-based authentication and certificate-based authentication is provided. For certificate-based authentication, the first party (A) has a static key pair, consisting of a private static key and a public static key, and a certificate - issued by a certification centre (C) - relating to the public static key. The certification centre (C) has an associated public key which is known by the second party (B). As part of the certificate-based authentication, the party (A) calculates a transformation between a dedicated ephemeral key pair from the password-based authentication and the dedicated static key pair from the certificate-based authentication to obtain a parameter for carrying out the transformation. The reuse of the dedicated ephemeral key pair from the password-based authentication in the certificate-based authentication firstly reduces the overall calculation and communication complexity, and secondly links the two protocols, so that there is the assurance that both protocols are executed by the same party. This increases security with a simultaneous reduction in complexity. The novel method is suitable for authenticating electronic passports.