[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IBM patents on key distribution and authentication



   Date: Mon, 8 Aug 94 14:29:13 EDT
   From: amir@watson.ibm.com

   (It is not up to me to argue if these claims in this patent are defendable
   in court or not.) This is US patent 5,148,479, issued Sept 15, 1992 to
   IBM and invented by Bird et al.; claim 1 in it says:
     1. A method of auth a user... comprising the steps of
	- transmitting a first challenge N1 from a first user A to ... B,
	- transmitting a first response... [from B to A]
	- verifying at ... [A] that the first response is correct,
	- said first response being of the minimal form
	    f(S1,N1,D1,...),
	  wherein S1 is a shared secret between... [A and B], D1 is an
	  indication of the direction of flow of the message of the message...
	  and f() is a function selected such that
	    f(S1,N1',D1',...) = f(S1, N1, D1,...)
	  cannot be solved for N1' without knowledge of S1, wherein f(), N1', D1'
	  represent expressions in a reference connection.

Yikes!  Someone should correct me if I'm wrong, but if I'm reading the
claim correctly, it claims to cover all all forms of challenge-response
authentication.  Fortunately, there shouldn't be any lack of prior art
if this is the case..... 

Do you know when the patent was actually filed, as opposed to when it
was issued?

						- Ted


References: