Message Replay Prevention Using a Previously Transmitted Random Number to Sequence the Messages

IP.com Disclosure Number: IPCOM000043405D
Original Publication Date: 1984-Aug-01
Included in the Prior Art Database: 2005-Feb-04
Document File: 2 page(s) / 13K

Publishing Venue

IBM

Related People

Martin, WC: AUTHOR

Abstract

A procedure is set out in [*] which has the following characteristics:

1. An encryption method with the property of error propagation is used to authenticate the contents of the message.
2. Passwords are used to authenticate the sender and receiver.
3. A time-varying quantity is used to verify that messages are received in their proper sequence.

Typically, time of day and clock data or message sequence numbers are used to provide the time-varying information. In some networks, low-cost terminals are used which do not have a time-of-day clock. A deterministic message sequence number, such as a simple counter, is used instead. However, every counter has a finite counting length, and, thereafter, it must repeat its counted sequence of numbers.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

A procedure is set out in [*] which has the following characteristics:

1. An encryption method with the property of error propagation is used to authenticate the contents of the message.
2. Passwords are used to authenticate the sender and receiver.
3. A time-varying quantity is used to verify that messages are received in their proper sequence.

Typically, time of day and clock data or message sequence numbers are used to provide the time-varying information. In some networks, low-cost terminals are used which do not have a time-of-day clock. A deterministic message sequence number, such as a simple counter, is used instead. However, every counter has a finite counting length, and, thereafter, it must repeat its counted sequence of numbers. If the sequence of sequence numbers repeats during a time period when the same encryption key is used, a message that was sent once can be fraudulently replayed into the system a second time, so long as the replay occurs at the time when the sequence number has recycled to the same value as contained in the original message.

This disclosure teaches the use of a pseudo-random number as a sequence number for purposes of message authentication. A previously generated and stored sequence number is appended to each message in encrypted form. In addition to the message-authenticating sequence number, a new sequence number is also appended to the message in encrypted form. The new sequence number is not used to authenticate the current message but will be stored at both the sending terminal and the receiving terminal for authentication of the following message. The use of a random number for providing time-varying information is described in U.S. Patent 4,281,215 for purposes...
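
The chained scheme described above, as an added example that is not part of the original disclosure: each message carries the number stored from the previous message plus a fresh random number for the next one, and the receiver rejects anything carrying a stale number. Assumptions: HMAC-SHA256 stands in for the disclosure's error-propagating encryption (so the numbers travel authenticated rather than encrypted), and the key, the 8-byte number size, the initial shared number and the `Sender`/`Receiver` names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

KEY = b"constructed-demo-key"  # shared key; constructed sample value
N = 8                          # bytes per random sequence number (assumed size)

def _tag(body: bytes) -> bytes:
    # Assumption: HMAC replaces the disclosure's error-propagating encryption.
    return hmac.new(KEY, body, hashlib.sha256).digest()

class Sender:
    def __init__(self, initial: bytes):
        self.current = initial  # number stored from the previous message

    def send(self, payload: bytes) -> bytes:
        nxt = secrets.token_bytes(N)  # authenticates the NEXT message, not this one
        body = payload + self.current + nxt
        self.current = nxt
        return body + _tag(body)

class Receiver:
    def __init__(self, initial: bytes):
        self.expected = initial

    def receive(self, msg: bytes):
        """Return the payload, or None if forged, replayed or out of sequence."""
        body, tag = msg[:-32], msg[-32:]
        if len(body) < 2 * N or not hmac.compare_digest(tag, _tag(body)):
            return None
        payload, cur, nxt = body[:-2 * N], body[-2 * N:-N], body[-N:]
        if not hmac.compare_digest(cur, self.expected):
            return None          # stale number: replay or wrong order
        self.expected = nxt      # store the new number for the following message
        return payload

def demo():
    # Initial number is assumed to be agreed out of band by both terminals.
    seed = secrets.token_bytes(N)
    s, r = Sender(seed), Receiver(seed)
    m1, m2 = s.send(b"PAY 100"), s.send(b"PAY 200")
    # m1 is accepted once; its replays fail both before and after m2 arrives.
    return [r.receive(m1), r.receive(m1), r.receive(m2), r.receive(m1)]
```

Because the receiver only advances its stored number after a message verifies, a rejected replay does not desynchronise the two terminals.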