EP2057777A2 - Procédé d'enregistrement d'une transmission d'informations numérique non rejetable et d'identification de participants de la communication - Google Patents

Procédé d'enregistrement d'une transmission d'informations numérique non rejetable et d'identification de participants de la communication

Info

Publication number
EP2057777A2
EP2057777A2 EP07805758A EP07805758A EP2057777A2 EP 2057777 A2 EP2057777 A2 EP 2057777A2 EP 07805758 A EP07805758 A EP 07805758A EP 07805758 A EP07805758 A EP 07805758A EP 2057777 A2 EP2057777 A2 EP 2057777A2
Authority
EP
European Patent Office
Prior art keywords
communication
key
identifier
check
biometric
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP07805758A
Other languages
German (de)
English (en)
Inventor
Federico Moro
Lorenzo Boccaccia
Fabio Pietrosanti
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PRIVATEWAVE ITALIA S.P.A.
Original Assignee
Khamsa Italia Srl
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Khamsa Italia Srl filed Critical Khamsa Italia Srl
Publication of EP2057777A2 publication Critical patent/EP2057777A2/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan

Definitions

  • the invention relates generally to the field of protection of the communication integrity as well as certification and cryptography applied to telecommunication nets in order to avoid illegal intrusions during the transmission. More particularly it concerns a method of identifying the credentials of the participants in the communication for the not repudiable recording of the digital transmission of information.
  • Apparatus and methods to carry out secure communications among two or more individuals are presently on the market, however, none of them has been developed and conceived to offer the users the maximum security and easiness of use. Furthermore, all such methods base the identification of the counterpart on insecure methods by the nature of the instruments used: although secure cryptographic methods borrowed, for example, from electronic mail systems are used, the nature itself of the apparatus facilitates the physical misappropriation of the property with annexed keys.
  • the object of the present invention is a communication method and device programmed to achieve the predetermined aim of secure communication and identification.
  • a secure channel is provided by a suitable protocol which guarantees an association between the public keys and the identity of the participants.
  • the public keys are then divided into two groups: secure and insecure keys. All of the keys which are unknown to the user are considered to be insecure and all of the keys which are correctly identified and accepted by the user are considered to be secure. If the public keys received by the counterpart are different from those stored in preceding conversations with the counterpart or are not stored in the local memory of the users, they are considered ' to be insecure and the reciprocal check of the identities is carried out.
  • the secure keys the identity check is carried out only in case the user requires it expressly (if the key is considered to be insecure again).
  • the following protocol is carried out to identify the user and to check the identity.
  • An identifier of the public cryptographic key of the sender is provided by a non-invertible mathematic (pure or procedural) function. This identifier is made interpretable by a person and displayed to the sender so as to provide a biometric model of the same.
  • the biometric model of the identifier is sent to the recipient. This model can be signed by the private key of the sender to a greater security.
  • the biometric model of such numerical identifier is interpreted by the recipient and compared with the identifier calculated on the base of the public certificate received upon setting up the secure communication channel or the key by which it has been signed. If the identifiers match with each other, the sender is identified, and the identifier exchange is repeated with exchanged roles.
  • the public keys Once the public keys are authenticated, they can be used to sign and/or encrypt the communication among parties, thus providing a secure, not repudiable channel.
  • the record takes place according to the procedure disclosed below.
  • Each terminal can proceed apart from the other to keep the transmitted and/or received flows either keeping the transmitted flow and the received flow separate or mixing the same.
  • the device which are recording the flows are matched on a periodic time interval of segmentation of the recorded flows.
  • Such flows are signed digitally by each device and the signature is exchanged among the devices involved at such frequency.
  • the users are supplied with an application able to perform cryptographic operations using asymmetrical keys to sign or encrypt digital data and to use symmetrical keys to encrypt data of digital flows.
  • Such application provides the following procedural steps. During the installation step or upon request of the user it generates a digital certificate containing user's data and a pair of asymmetrical keys.
  • the program can be distributed with a certificate ready to use enclosed with.
  • an univocal identifier so-called fingerprint
  • hashing function a biometric identifier
  • This identifier can further be signed by the private key of the user to offer a further security means.
  • a symmetric key is generated which is valid only for that communication session and is to be used to encrypt the following communication to protect the contents.
  • This key can be generated in different ways, i.e. either by key generation algorithms existing at the state of art and able to protect the key from foreign listeners or by the caller using the public key of the recipient (if available) to send the encrypted key to the recipient or from a shared secret.
  • the negotiation of the method of generating this first key to be used is left to the discretion of the implementations.
  • the key is only used temporarily to protect the exchange of credentials as the keys generated by other methods are not able to guarantee the security of the contents, and is replaced as soon as the certificates of the counterparts are identified and considered to be secure by a new key.
  • the public keys of the participants to be used, in case they are checked and considered to be secure, for the generation of the definitive session key used during the communication are distributed on the channel.
  • These keys can optionally include the identifier in biometric format of the key enclosed with to automate the process. In the connection setting up step all participants have optionally the possibility of regenerating his/her own identifier in biometric format (the alphanumeric identifier being a function of the key used and then always the same for a given key).
  • the check of the public key consists of the following steps that can be performed simultaneously by the participants in the communication which will be disclosed from the point of view of only one user: 1) the user asks a counterpart the univocal biometric identifier of the public, key, if not already distributed and enclosed with the public key;
  • the user checks whether the identifier actually matches with the biometric identifier.
  • a further interactive check can be carried out consisting of generating randomly a transitory identifier, sending it to the counterpart and waiting for a biometric corresponding one.
  • the keys are stored and 1 associated univocally with the counterpart of the communication, thus providing a not repudiable check of the exchanged keys which are needed for the following communication check.
  • the communication carries on without needing any authentication steps, and the generation of the session key can be performed directly by the caller by using the previously detailed method consisting of encrypting the session key with the public keys of the counterparts and distributing it to the latter.
  • the caller can ask to repeat the biometric credential exchange apart from the fact that the key of the counterpart has been previously stored.
  • the exchange of biometric identifiers can also take place in interactive manner during or at the beginning of the communication. In this case one can ask to identify in a biometric manner the key of the current session as warranty that the key is actually used by the counterparts.
  • each apparatus can either store the flow of the counterparts or store all flows together keeping the same separated.
  • each device signs the generated portion of the communication and. sends the hash thus obtained to the counterparts by using, if necessary, a suitable exchange algorithm for the digital signature which guarantees that the devices receives the signatures at the same time.
  • a suitable exchange algorithm for the digital signature which guarantees that the devices receives the signatures at the same time.
  • Fig. 1 is a time diagram of the steps of a calling to a recipient with unknown certificate
  • Fig. 2 is a time diagram of the steps of a calling to a recipient with unknown certificate and reject of the biometric identifier
  • Fig. 3 is a time diagram of the steps of a calling to a recipient with known certificate
  • Fig. 4 is a time diagram of the steps of a calling to a recipient with known certificate and request of re-validation of the biometric imprint.
  • the sequence of operations is disclosed only to check the identity by the caller and it is supposed the presence of only two participants in the communication.
  • the recipient Before the setting up of the real communication channel and at the same time as the caller, the recipient performs a similar check as the caller which is dependent on the acceptance of the identifier by the caller but independent of the procedure used among those proposed by the caller: the recipient will perform a checking procedure suitable for the conditions of his/her own telephone and the' state of his/her own stored certificates.
  • Telephone “b” calls, telephone "d” and establishes a session key.
  • a protocol existing at the state of art is used to generate the session key.
  • the session key can be provided from a shared secret of the two parties in the calling or through alternative equivalent protocols.
  • Telephone "b” calls telephone “d” and attains the certificate. . 4.
  • Telephone “b” checks through service “c” (that can be the memory of the telephone rather than an outside certificate test service) whether the certificate is present in the list with the identifying data. 5. In this case service “c” communicates to telephone “b” that the certificate is unknown. 6.
  • Telephone "b” calls telephone “d” and asks it to supply a biometric identifier. 7.
  • Telephone "d” asks telephone "e” a biometric model of the numerical identifier of the certificate. ⁇ .Telephone “e” supplies telephone “d” with the biometric identifier.
  • Telephone “d” supplies telephone “b” with the biometric identifier of the certificate. 10.
  • Telephone “b” shows to user “a” the biometric identifier of the certificate.
  • Telephone "b” communicates to telephone "d” that the authentication has been accepted.
  • the recognizing procedure is carried out with exchanged roles.
  • the telephones inform the respective users that the communication is secure and may start.
  • the initial session key has been generated in insecure way the caller regenerates a new session key and sends it in encrypted form together with the public key of the recipient to the counterpart.
  • Caller "a” activates the program and selects recipient "e” from a list of telephone numbers or by dialling its number.
  • Telephone “b” calls telephone "d” and establishes a session key.
  • a protocol existing at the state of art is used to generate session keys.
  • the session key can be provided from a shared secret of the two parties in the calling or an alternative equivalent protocol.
  • Telephone "b” calls telephone "d” of the recipient and attains the certificate.
  • Telephone “b” checks through service “c" (that can be the memory of the telephone rather than an outside certificate test service) whether the certificate is present in the list with the identifying data.
  • service "c” communicates to telephone "b" that the certificate is unknown.
  • Telephone “b” calls telephone "d” and asks it to supply a biometric identifier.
  • Telephone “d” asks telephone "e” a biometric model of the numerical identifier of the certificate.
  • ⁇ .Telephone “e” supplies telephone "d” with the biometric identifier.
  • Telephone “d” supplies telephone "b” with the biometric identifier of the certificate.
  • Telephone “b” shows to user “a” the biometric identifier of the certificate.
  • Telephone “b” communicates to telephone “d” the acceptance of the certificate and sends a random, encrypted session key together with the public key of the counterpart. (If the counterpart had changed the certificate as he/she cannot accept the session key, he/she would ask the caller a session key generated by another available protocol and would supply the caller with the new certificate and would repeat the biometric identification procedure).
  • the recognizing procedure is carried out with exchanged roles. 7.
  • the telephones inform the respective users that the communication is secure and may start.
  • Caller "a” activates the program and selects recipient "e” from a list of telephone numbers or by dialling its number.
  • telephone "b” looks for the certificate corresponding to the recipient through service "c" (that can be the memory of the telephone rather than an outside certificate test service). 3.
  • the service communicates the certificate to the telephone.
  • Telephone "b” asks user "a” whether the certificate is to be accepted.
  • Telephone “b” calls telephone "d” and establishes a session key.
  • a protocol existing at the state of art is used to generate session keys.
  • the session key can be provided from a shared secret of the two parties in the calling or through alternative equivalent protocols.
  • Telephone "b” calls telephone "d” and asks it a new biometric identifier.
  • Telephone “d” asks telephone "e” a biometric model of the numerical identifier of the certificate.
  • Telephone “d” supplies telephone "b” with the biometric identifier of the certificate.
  • Telephone “b” shows to user “a” the biometric identifier of the certificate. 12.
  • User “a” decides in this case to accept the received biometric identifier.
  • Telephone "b” sends the certificate to storage service "e”.
  • Service “c” acknowledges the receipt of the certificate.
  • Telephone “b” communicates to telephone "d” that the authentication has been accepted.
  • the recognizing procedure is carried out with exchanged roles.
  • the telephones inform the respective users that the communication is secure and may start. As in this case the initial session key has been generated in insecure way the caller regenerates a new session key and sends it in encrypted form together with the public key of the recipient to the counterpart.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Credit Cards Or The Like (AREA)

Abstract

Protocole multimédia de contrôle de l'identité de participants d'une communication et de l'exactitude de l'échange d'informations sur un canal numérique. Ledit protocole est similaire à la procédure de hachage visant à vérifier l'intégrité de données au moyen d'un test biométrique bidirectionnel. Des clés cryptographiques asymétriques sont échangées et testées par le protocole de telle manière que le conversation est prise en charge par des protocoles de cryptage standard. L'invention vise à permettre à au moins deux participants d'une communication, de garantir que ladite communication n'est pas rejetée.
EP07805758A 2006-08-04 2007-08-03 Procédé d'enregistrement d'une transmission d'informations numérique non rejetable et d'identification de participants de la communication Withdrawn EP2057777A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ITRM20060426 ITRM20060426A1 (it) 2006-08-04 2006-08-04 Metodo per la registrazione non ripudiabile di una trasmissione digitale di informazione e per l identificazione dei partecipanti alla comunicazione
PCT/IT2007/000565 WO2008015723A2 (fr) 2006-08-04 2007-08-03 Procédé d'enregistrement d'une transmission d'informations numérique non rejetable et d'identification de participants de la communication

Publications (1)

Publication Number Publication Date
EP2057777A2 true EP2057777A2 (fr) 2009-05-13

Family

ID=38795823

Family Applications (1)

Application Number Title Priority Date Filing Date
EP07805758A Withdrawn EP2057777A2 (fr) 2006-08-04 2007-08-03 Procédé d'enregistrement d'une transmission d'informations numérique non rejetable et d'identification de participants de la communication

Country Status (3)

Country Link
EP (1) EP2057777A2 (fr)
IT (1) ITRM20060426A1 (fr)
WO (1) WO2008015723A2 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8917840B2 (en) 2009-12-14 2014-12-23 International Business Machines Corporation Enhanced privacy caller identification system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5872848A (en) * 1997-02-18 1999-02-16 Arcanvs Method and apparatus for witnessed authentication of electronic documents
NL1007472C2 (nl) * 1997-11-06 1999-05-10 Koninkl Kpn Nv Werkwijze en inrichting voor het beveiligd opslaan van gegevens uit berichtenverkeer.
US7047416B2 (en) * 1998-11-09 2006-05-16 First Data Corporation Account-based digital signature (ABDS) system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2008015723A3 *

Also Published As

Publication number Publication date
ITRM20060426A1 (it) 2008-02-05
WO2008015723A3 (fr) 2008-04-10
WO2008015723A2 (fr) 2008-02-07

Similar Documents

Publication Publication Date Title
CN109672539B (zh) Sm2算法协同签名及解密方法、装置及系统
CN105245341B (zh) 远程身份认证方法和系统以及远程开户方法和系统
US7020778B1 (en) Method for issuing an electronic identity
CN108199835B (zh) 一种多方联合私钥解密方法
CN111865603B (zh) 认证方法、认证装置和认证系统
CN104735068B (zh) 基于国密的sip安全认证的方法
US10826711B2 (en) Public key infrastructure and method of distribution
CN109150897B (zh) 一种端到端的通信加密方法及装置
CA2457493A1 (fr) Procede et appareil de certification de donnees
WO2017201809A1 (fr) Procédé et système de communication pour un terminal
CN108243181A (zh) 一种车联网终端、数据加密方法及车联网服务器
CN108599925A (zh) 一种基于量子通信网络的改进型aka身份认证系统和方法
CN112766962A (zh) 证书的接收、发送方法及交易系统、存储介质、电子装置
CN114826659B (zh) 一种加密通讯方法及系统
CN113204760B (zh) 用于软件密码模块的安全通道建立方法及系统
CN101083843A (zh) 一种移动终端通讯中对端身份确认的方法及系统
CN108199844B (zh) 一种支持离线sm9算法密钥首次申请下载方法
CN110544101A (zh) 基于sm9的联盟链身份认证方法
CN113382002A (zh) 数据请求方法、请求应答方法、数据通信系统及存储介质
CN107483430A (zh) 一种基于身份证云识别的人证合一认证方法和装置
CN112054905B (zh) 一种移动终端的安全通信方法及系统
US9876774B2 (en) Communication security system and method
CN114553441B (zh) 一种电子合同签署方法及系统
CN103139774B (zh) 短消息业务处理方法与短消息业务处理系统
CN113626879B (zh) 一种电子印章图片绑定数字证书及出示方法

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20090304

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC MT NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA HR MK RS

RIN1 Information on inventor provided before grant (corrected)

Inventor name: PIETROSANTI, FABIO

Inventor name: BOCCACCIA, LORENZO

Inventor name: MORO, FEDERICO

DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: PRIVATEWAVE ITALIA S.P.A.

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20120301