Browse Prior Art Database

Method of verifying the device authenticity

IP.com Disclosure Number: IPCOM000010394D
Original Publication Date: 2002-Nov-26
Included in the Prior Art Database: 2002-Nov-26
Document File: 2 page(s) / 19K

Publishing Venue

IBM

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 50% of the total text.

Page 1 of 2

Method of verifying the device authenticity

   Disclosed is the method of verifying the authenticity of a device when a user needs to know if the device can be trusted before he/she uses it. This method prevents unaware use of spurious or flawed devices. This method is applicable to various kinds of devices such as personal computers, cash dispensers, vending machines, cellular phones, PDA, etc.

Device T1 Device T2

User

Network interface N1 Network interfaceN2

1. Challenge C1Authenticator A1 Authenticator A2
2. Response R1

3. Challenge C2

4. Response R2

5. Message M1

5. Message M2

Figure 1: Illustration of the invention

In this invention, each device is assumed to have a network interface for proximity communication, an authenticator for verifying authenticity, and an output interface for indicating a message to a user. When the user requests the proof of authenticity to the device T1, T1 look for another device, T2, using the proximity communication channel. T2 can be a device unknown to the user. After the connection is established, T2 is supposed to verify the authenticity of T1. T1 is supposed to verify the authenticity of T2, too. As shown in Figure 1, the authenticator A1 in the device T1 and the authenticator A2 in the device T2 exchange challenges/responses for this mutual verification.

The process of authenticity verification between T1 and T2 utilizes an existing technology. For example, the specification of TCPA(Trusted Computing Platform Alliance, http://www.trustedcomputing.org/) describes one method to do this. In TCPA, A1 and A2, both called Trusted Platform Module (TPM), are tamper-resistant hardware that maintains the special register to store the result of device integrity measurement. When T1 verifies the authenticity of T2, A1 generates a random challenge value and send it to A2. A2 creates and sends back the response, which is the signed hash of the concatenation of the challenge. A1 can check the validity of the signature, and the correctness of the register value. Then T2 can verify the authenticity of T1 with the...