One way authentication pdf

In this work we are concerned with the scenario where two parties establish a private shared session key, but only one party authenticates to the other; in fact, the unauthenticated party may wish to have strong anonymity guarantees.

We present a desirable set of security, authentication, and anonymity goals for this setting and develop a model which captures these properties. Our approach allows for clients to choose among different levels of authentication. This is a preview of subscription content, access via your institution. Rent this article via DeepDyve. Aiello W. ACM Trans. Article Google Scholar. Bellare M. In: Stinson D. Advances in Cryptology—Proc.

Springer In: Preneel B. Bellovin S. IEEE Blake-Wilson S. In: Darnell M. Canetti R. In: Pfitzmann B. In: Yung M. Cheng Z. In: Chen K. Chien H. In: Huo T. Chow S. In: Garay J. Di Raimondo M. In: Wright R. ACM Dierks T. RFC Diffie W. IEEE Trans. Theory 22 6 : — Dingledine R. In: Proc. Fiore D. In: Joye M. Goldberg I. In: Danezis G. Kate A. Krawczyk H. In: Boneh D. In: Cramer R. Server device may also have the server token that server device provided to client device Additionally, or alternatively, server device may look up and find the server token based on the device information in the client token.

Server device may have access to proprietary databases, which may include device information. Server device may also have access to application information and corresponding package information. Therefore, server device may also look up and find a package certificate fingerprint based on package information in the client token or derive the package certificate fingerprint from the client token. In some cases, some of this information may be found elsewhere in the request. As explained above, server device may obtain all elements needed to generate a copy of the authentication token.

Server device may generate the copy of the authentication token. This may include creating a same data string that authentication component created. Server device may use a same hash function on the data string and the server token as was used by authentication component Because the authentication token is generated separately by client device and server device and with a one-way hash , no intervening parties may decrypt and use the one-way encrypted authentication token.

In some implementations, client device and server device may include a timestamp as part of the data string, or at least as part of the hash function. As shown by reference number , server device may perform a comparison of the copy of authentication token and the authentication token obtained from the client token.

If server device determines that the copy of the authentication token and the authentication token match, or are equal, then server device may authenticate application If server device determines that the authentication token and the copy of the authentication token do not match or are unequal, then server device may not authenticate application Server device may provide an authentication message, indicating whether application is authenticated or not.

This message may be protected with a token similar to the client token. This message may also include the authentication token or a hash of the authentication token. As shown by reference number , client application component may receive the authentication message.

Referring back to the texting application mentioned in connection with FIG. Client device may conserve networking and processing resources by not using the resources for unauthorized and maybe unknown activities that may be a part of executing an unauthenticated application.

Client device and server device may also conserve networking and processing resources that would otherwise be spent remedying a failure in a client-server authentication protocol. As explained above, client application component of client device may use the authentication token to authenticate application In some implementations, client application component may use authentication tokens in other processes that can benefit from increased security.

For example, client device may use the authentication token in relevant transactions set forth by standards or agreements, such as for radio common carrier e. An example of an RCC. At step 2 , server device parses the client token and extracts the authentication token and relevant identities e.

In some implementations, an EAP-AKA authentication protocol used between client device and server device may be configured to incorporate use of the authentication token. At step 3 , server device may validate the authentication token, similar to what was described in connection with FIG. In some cases where the authentication token is invalid, server device may require network authentication at step 4. Client application component may send a delete token message and a query authentication token message to authentication component , which may return the authentication token.

Client application component abbreviated as Client-app in FIG. If the configuration XML file is not found or is inactive HTTPS message in step 6 , client application component may remove a configuration from client device and retry configuration at step 7. If server device successfully authenticates the authentication token, server device may continue processing and generating the configuration XML, file at step 8.

At step 9 , server device may provide the configuration XML file. At step 10 , client application component may continue processing the configuration XML file. As indicated above, FIGS. Other examples can differ from what is described with regard to FIGS.

For example, in practice, there may be networks between the devices, additional devices, fewer devices, different devices, or differently arranged devices than those shown in FIGS.

As shown in FIG. Devices of environment may interconnect via wired connections, wireless connections, or a combination of wired and wireless connections. For example, network may include a cellular network e. Furthermore, two or more devices shown in FIG. Additionally, or alternatively, a set of devices e. Bus includes a component that permits communication among multiple components of device In some implementations, processor includes one or more processors capable of being programmed to perform a function.

For example, storage component may include a hard disk e. Input component includes a component that permits device to receive information, such as via user input e. Additionally, or alternatively, input component may include a component for determining location e.

Output component includes a component that provides output information from device via, e. Communication interface includes a transceiver-like component e. Device may perform one or more processes described herein. A memory device includes memory space within a single physical storage device or memory space spread across multiple physical storage devices.

Additionally, or alternatively, hardware circuitry may be used in place of or in combination with software instructions to perform one or more processes described herein. Thus, implementations described herein are not limited to any specific combination of hardware circuitry and software. The number and arrangement of components shown in FIG. In practice, device may include additional components, fewer components, different components, or differently arranged components than those shown in FIG.

Additionally, or alternatively, a set of components e. In some implementations, one or more process blocks of FIG. In some implementations, the client application component may be configured to authenticate, with a server device, a client application being processed by the client application component. For example, the client application component of the client device e. As further shown in FIG. The server token may be based on security information corresponding to the client application.

For example, the authentication component of the client device e. In some implementations, obtaining the server token may include obtaining the server token from one or more memories of the client device.

In some implementations, alone or in combination with one or more other implementations, obtaining the server token, by the authentication component, may include obtaining the server token from the server device. This may include determining the security information and device information that identifies the device.

Determining the security information may include obtaining package information e. In some implementations, the determining may include calculating a package certificate fingerprint as part of the security information, based on the package information, the signing certificate information and a hash function. Obtaining the server token may further include transmitting, to the server device, a request for the server token, where the request includes the device information and the security information.

Obtaining the server token may include receiving, based on transmitting the request for the server token, the server token from the server device. The authentication token may be protected by one-way encryption and may be generated based on the server token and a data string associated with the security information and the device information. In some implementations, alone or in combination with other implementations, the client device e.

The hash function may be an SHA hash function. The authentication component may generate the authentication token so that the authentication token is a one-way hash that prevents inversion of the authentication token. The client device may coordinate with the server device to use an application verification service AVS to prevent theft of the authentication token and unauthorized access of the EAP-AKA component.

Accordingly, receiving the authentication token may include the client application component receiving the authentication token only when the client application passes a check by the application verification service and a check by the EAP-AKA component.

If a new authentication token or client token is needed, the old authentication token or client token may be deleted before a new one is generated. This may be done to authenticate the client application, as described above. The client application component of the client device may receive a message from the server device.

In some cases, the message indicates that the client application is authenticated by the server device. In some cases, the message indicates that the client application is not authenticated by the server device. Although FIG. Additionally, or alternatively, two or more of the blocks of process may be performed in parallel. The foregoing disclosure provides illustration and description, but is not intended to be exhaustive or to limit the implementations to the precise form disclosed.

Modifications and variations may be made in light of the above disclosure or may be acquired from practice of the implementations. To the extent the aforementioned implementations collect, store, or employ personal information of individuals, it should be understood that such information shall be used in accordance with all applicable laws concerning protection of personal information.

Storage and use of personal information can be in an appropriately secure manner reflective of the type of information, for example, through various encryption and anonymization techniques for particularly sensitive information. Although each dependent claim listed below may directly depend on only one claim, the disclosure of various implementations includes each dependent claim in combination with every other claim in the claim set.

No element, act, or instruction used herein should be construed as critical or essential unless explicitly described as such. A method, comprising: providing, by a client application component of a device, a request to obtain an authentication token from an authentication component of the device;.

The method of claim 1 , wherein generating the authentication token such that the authentication token is protected by one-way encryption includes generating the authentication token using a hash function. The method of claim 2 , wherein the hash function is an SHA hash function.

The method of claim 2 , wherein generating the authentication token using a hash function includes generating the authentication token using a hash function of the server token, a data string associated with security information corresponding to a client application, and the device information.

The method of claim 1 , wherein the authentication token comprises a one-way hash. The method of claim 1 , wherein the client application component is configured to authenticate, with the server device, a client application being processed by the client application component, and wherein transmitting the client token includes transmitting the client token to the server device to authenticate the client application. The method of claim 6 , further comprising receiving, by the client application component and based on transmitting the client token, a message from the server device, the message indicating that the client application is authenticated by the server device.

The method of claim 6 , further comprising receiving, by the client application component and based on transmitting the client token, a message from the server device, the message indicating that the client application is not authenticated by the server device.

The method of claim 6 , wherein the server token is based on security information corresponding to the client application. The method of claim 9 , wherein obtaining the server token comprises: determining, by the authentication component, the device information and the security information;.

The method of claim 10 , wherein determining the security information comprises: obtaining package information corresponding to the client application, via an application program interface to a system-level component of the device; and.

The method of claim 1 , wherein the device information includes at least one of: a mobile device number MDN of the device; or. A device, comprising: one or more memories and one or more processors, the one or more memories and the one or more processors configured to: implement a client application component in a user partition of the device and an authentication component in a system partition of the device, the client application component being configured to authenticate, with a server device, a client application;.

The device of claim 13 , wherein the authentication component comprises an authentication and key agreement system of an extended authentication protocol EAP-AKA component in a secure element of the system partition, the EAP-AKA component being configured to obtain at least one of security information corresponding to the client application or device information that identifies the device.

The device of claim 14 , wherein the one or more processors are further configured to coordinate with the server device to use an application verification service to prevent theft of the authentication token and unauthorized access of the EAP-AKA component.

The device of claim 13 , wherein the one or more processors are configured to prevent, by the authentication component, generation of the authentication token based on determining that the device information is not validated by the server device. A non-transitory computer-readable medium storing instructions, the instructions comprising: one or more instructions that, when executed by one or more processors, cause the one or more processors to: provide, by a client application component of a device, a request to obtain an authentication token from an authentication component of the device, the client application component being configured to authenticate, with a server device, a client application being processed by the client application component;.

The non-transitory computer-readable medium of claim 17 , wherein the one or more instructions, that cause the one or more processors to generate the authentication token protected by one-way encryption, cause the one or more processors to generate the authentication token using a hash function of the server token and the data string.

The non-transitory computer-readable medium of claim , wherein the one or more instructions, that cause the one or more processors to determine, by the authentication component, the security information, cause the one or more processors to: obtain package information corresponding to the client application;.

The non-transitory computer-readable medium of claim 17 , wherein the one or more instructions, that cause the one or more processors to obtain the server token, cause the one or more processors to: determine, by the authentication component, the device information and the security information;.

Methods and devices for secure application authentication using a one-way encrypted authentication token. USA1 en. USB2 en.