WO2012093900A2 - Method and device for authenticating personal network entity - Google Patents

Method and device for authenticating personal network entity Download PDF

Info

Publication number
WO2012093900A2
WO2012093900A2 PCT/KR2012/000173 KR2012000173W WO2012093900A2 WO 2012093900 A2 WO2012093900 A2 WO 2012093900A2 KR 2012000173 W KR2012000173 W KR 2012000173W WO 2012093900 A2 WO2012093900 A2 WO 2012093900A2
Authority
WO
WIPO (PCT)
Prior art keywords
pne
authentication
cpns server
server
cpns
Prior art date
Application number
PCT/KR2012/000173
Other languages
French (fr)
Other versions
WO2012093900A3 (en
Inventor
Seok-Hoon Choi
Sung-Jin Park
Dong-Hoon Lee
Jung-Ha PAIK
Hyo-Jin JO
Original Assignee
Samsung Electronics Co., Ltd.
Korea University Research And Business Foundation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Samsung Electronics Co., Ltd., Korea University Research And Business Foundation filed Critical Samsung Electronics Co., Ltd.
Publication of WO2012093900A2 publication Critical patent/WO2012093900A2/en
Publication of WO2012093900A3 publication Critical patent/WO2012093900A3/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Definitions

  • the present invention relates generally to a personal network, and more particularly to a method and device for authenticating a personal network entity in a personal network.
  • CE Consumer Electronics
  • a user may search for reproducible content in consumer electronics over the Internet by using a Personal Computer (PC) and then download the searched content. After downloading the content to the PC, when a consumer electronics device and the PC are connected to each other through a dedicated cable, the consumer electronics device can download the content from the PC.
  • the cable may be replaced with a Bluetooth connection (i.e., a BLUETOOTH® specification-compliant connection), and the content can be shared between devices by using a Bluetooth scheme.
  • CPNS Converged Personal Network Service
  • the CPNS refers to a service for providing a corresponding service or a content after one Personal Network (hereinafter, referred to as a “PN”) configured by a combination of a device, which acts as a gateway in charge of communication with a long distance communication network, and a consumer electronics device, which reproduce an actual service and content, is constructed such that the consumer electronics device accesses a service/content providing server located in the long distance communication network through the device acting as the gateway.
  • PN Personal Network
  • PNE Personal Network Entity
  • an authentication protocol suitable for each PNE is required prior to providing a service to each PNE.
  • the authentication protocol corresponds to a protocol performed to recognize communication entities and is implemented in advance in order to perform other communications via the protocol in the future.
  • a method for a general device authentication protocol is largely divided into a method of using a symmetric key and a method of using a public key.
  • both of methods require a secure storage apparatus for their devices since the two methods perform an authentication after storing a key.
  • authentication is performed after a private key of the device is stored
  • symmetric key method authentication is performed after a secret key of the device is stored.
  • the PNE device cannot directly communicate with the PN server, and the PNE device may also operate in various environments including devices such as a fax machine, a scanner, a printer, a TeleVision (TV), a set top box, an audio, a camera, an MP3 player, a PMP, a refrigerator, a washing machine, a microwave oven, etc. Accordingly, a conventional authentication method is not suitable for the PNE device, and all devices using such a system should implement secure storage spaces in order to protect against malicious authentication.
  • devices such as a fax machine, a scanner, a printer, a TeleVision (TV), a set top box, an audio, a camera, an MP3 player, a PMP, a refrigerator, a washing machine, a microwave oven, etc.
  • the present invention has been made to solve the above-stated problems occurring in the prior art, and the present invention provides a method and device for authenticating a PNE which is a heterogeneous device through a PN GW which can securely communicate with a CPNS server in an environment where the PNE and the PN GW have a transmission channel which cannot guarantee the safety between them and the PNE cannot have a secure storing apparatus.
  • the present invention also provides a method and device for authenticating a device desired to be authenticated by a user, the device not having an input apparatus and not being able to directly communicate with a server.
  • a method of authenticating a Personal Network Entity includes transmitting, by a Personal Network GateWay (PN GW) a PNE serial number (SN PNE ) to a CPNS (Converged Personal Network Service) server; storing an authentication value chain of a PNE received from the CPNS server and an inherent assignment key (TK PNE ) that is secret information of a corresponding PNE; encrypting a selected authentication value from among the authentication value chain with the inherent assignment key of the corresponding PNE; transmitting the encrypted authentication value to the corresponding PNE; storing, by the corresponding PNE, the encrypted authentication value; and performing an authentication procedure between the PNE and the CPNS server by using the encrypted authentication value stored in the PNE.
  • PN GW Personal Network GateWay
  • SN PNE PNE serial number
  • TK PNE inherent assignment key
  • a method of authenticating a Personal Network Entity includes storing, by a PN GW (Personal Network GateWay), when a PNE requests an authentication, a physical address (MAC PNE ) of the PNE and transferring the physical address (MAC PNE ) of the PNE together with the authentication request to a CPNS (Converged Personal Network Service) server; identifying, by the CPNS server, the physical address (MAC PNE ) of the PNE, generating a random number R to be used in an authentication session, and transmitting the R together with an authentication response; storing, by the PN GW, the R transmitted from the CPNS server, generating a NONCE to be used for a PIN generation, and transmitting the R and the NONCE together with the authentication response to the PNE; generating, by the PNE, a Personal Identification Number (PIN) through a preset PIN generation function, generating a Random Pin (RP
  • a CPNS server can authenticate a PNE, which is a heterogeneous device, through the PN GW, which can securely communicate with the CPNS server, without a separate secure storage space in the PNE.
  • the PNE authentication method provides a scheme capable of effectively authenticating a device, which a user desires to authenticate but has no input apparatus and cannot directly communicate with the server.
  • FIG. 1 is a diagram of a CPNS system to which an embodiment of the present invention is applied;
  • FIGs. 2, 3, and 4 are block diagrams of a PNE, a PN gateway, and a CPNS server according to an embodiment of the present invention, respectively;
  • FIG. 5 is flowchart illustrating a process of storing PNE authentication related information for a PNE authentication in a CPNS server according to an embodiment of the present invention
  • FIG. 6 is a flowchart illustrating a process for storing PNE authentication related information for a PNE authentication in a PN GW and a PNE according to an embodiment of the present invention
  • FIG. 7 is a flowchart illustrating a process for storing PNE authentication related information for a PNE authentication in a CPNS server, a PN GW and a PNE according to another embodiment of the present invention
  • FIG. 8 is a flowchart illustrating authentication between a PNE and a CPNS server through a PN GW according to an embodiment of the present invention
  • FIGs. 9A and 9B are flowcharts illustrating registration of a CPNS server by a PNE according to another embodiment of the present invention.
  • FIG. 10 is a flowchart illustrating authentication between a PNE and a CPNS server through a PN GW according to another embodiment of the present invention.
  • FIG. 1 is a diagram of a CPNS system according to an embodiment of the present invention.
  • a CPNS system may include one or more Personal Network Entities (PNEs) 10 and 12, a Personal Network GateWay (PN GW) 20, a CPNS server 30, and a service/content providing server 40 and may include a manufacturer device managing server 50, which can be connected to the above elements through an internet, as well.
  • PNEs Personal Network Entities
  • PN GW Personal Network GateWay
  • CPNS server 30 may include a manufacturer device managing server 50, which can be connected to the above elements through an internet, as well.
  • the service/content providing server 40 is located in an external network, and corresponds to a device providing a service or content that a user can use in the CPNS server 30.
  • the external network may be an Internet and/or a mobile phone network.
  • the CPNS server 30 may include the service/content providing server 40 and the manufacturer device managing server 50.
  • the PNEs 10 and 12 refer to user terminal devices directly executing a service.
  • the PNEs may include devices such as an MP3 player, a PMP, a mobile communication terminal, etc., and the PNEs reproduce content stored in them to provide a user with a service.
  • the PNEs 10 and 12 have a short distance communication module therein in order to perform short distance communication with another neighboring device, i.e., another PNE or a PN gateway.
  • the PNEs 10 and 12 are electronic devices that directly provide a service to a user.
  • the PNE may include various types of electronic devices, such as an MP3 player, a PMP, a game machine, a notebook, a navigation unit, etc., as well as consumer electronics such as a refrigerator.
  • the electronic devices receive content requested by a user from the service/content providing server 40 and reproduce the content so that the user can receive a service.
  • the PNEs 10 and 12 have a short distance communication module therein so they can perform short distance communication with another neighboring device (i.e., another PNE or PN gateway).
  • the PNEs 10 and 12 perform a pairing with the PN GW 20 in a short distance communication scheme and configure a personal network with the PN GW 20, so that the PNEs 10 and 12 can access the CPNS server 30 through the PN GW 20 and receive a content provided by the service/content providing server 40 to use a CPNS.
  • configuration of the personal network refers to an identification of a role of each physically paired device and a configuration of a network between the PNEs 10 and 12 and the PN GW 20 in order to provide a CPNS.
  • a determination is performed as to whether there are CPNS resources between the PNEs 10 and 12 and the PN GW 20, as well as whether the device can use the CPNS through an authentication and an authorization, and a device’s role is identified.
  • a process of identifying whether the device is operated with a GW mode or a PNE mode is performed, so that a network is formed in an aspect of an application for providing the CPNS.
  • the PNEs 10 and 12 can access the CPNS server 30 of a service provider network by using a communication function of the PN GW 20.
  • the PN GW 20 is a device capable of accessing the CPNS server 30 located in an external network, i.e., the service provider network. Further, the PN GW 20 can configure a personal network with the PNEs 10 and 12 and relays a CPNS system message and a service or a content transmission between the CPNS server 30 and the PNEs 10 and 12. That is, when the PNEs 10 and 12 included in the personal network 30 request a service, the PN GW 20 performs a relay function to transfer the service to the CPNS server 30. Further, the PN GW 20 transfers a service or content provided by the CPNS server 30 to the PNEs 10 and 12.
  • the PN GW 20 may be a device such as, a mobile phone, a PDA, a set top box, etc.
  • the CPNS server 30 registers and manages the PN GW 20, the PNEs 10 and 12, and the personal network according to a registration request from the PN GW 20, and processes a request for a service or a content transferred by the PNEs 10 and 12 through the PN GW 20.
  • the CPNS server 30 provides the requested service and content to the PNEs 10 and 12 through the PN GW 20.
  • the request is transferred to the external service/content providing server 40 and the corresponding service or content is provided to the PNEs 10 and 12 through the PN GW 20.
  • FIG. 2 is block diagram of PNEs according to an embodiment of the present invention.
  • the PNEs 10 and 12 include a PN connection controller 110, a first short distance communication module 120, and a first memory 130.
  • the first short distance communication module 120 performs short distance communication and may perform, for example, Bluetooth communication, Zigbee communication (i.e., ZIGBEE® specification-compliant communication), Infrared Data Association (IrDA) communication (i.e., IRDA® specification-compliant communication), visible light communication, etc.
  • the first memory 130 may be used as a working memory of the PN connection controller 110, may store various program data, which are required for configuring a personal network, containing information required for an authentication procedure according to characteristics of the present invention which will be described later, and may store device information.
  • the first memory 130 also stores information on various services provided from the CPNS server 30 through the PN GW 20.
  • the PN connection controller 110 controls all operations of the PNEs 10 and 12 related to a configuration and a release of the personal network and the authentication procedure according to characteristics of embodiments of the present invention, which are described later herein, and controls an operation related to a service or a content request and a service or a content reception through the configured personal network. Accordingly, the PN connection controller 110 controls the first short distance communication module 120 in order to configure the personal network and performs a physical for pairing with neighboring devices in order to configure a communication link. The PN connection controller 110 also searches for the PN GW in the physically paired devices and requests a network connection when the PN GW 20 is detected.
  • FIG. 3 is a block diagram of a PN GW according to an embodiment of the present invention.
  • the PN GW 20 includes a PN manager 210, a second short distance communication module 220, a second memory 230, and a communication unit 240.
  • the second short distance module 220 performs short distance communication and may perform, for example, Bluetooth communication, Zigbee communication, IrDA communication, visible light communication, etc.
  • the communication unit 240 performs communication with entities of an external network and transmits/receives messages and data to/from the CPNS server 30 and the service/content providing server 40.
  • the second memory 230 may be a working memory of the PN manager 210, and may store various program data required for a personal network configuration.
  • the second memory 230 also stores information on the PNEs connected to the personal network and information regarding a device corresponding to each PNE, including information required for an authentication procedure described later herein.
  • the PN manager 210 controls a general operation of the PN GW 20 related to the personal network.
  • FIG. 4 is a block diagram of a CPNS server according to an embodiment of the present invention.
  • the CPNS server 30 includes a controller 310, a transmitting/receiving unit 320, and a third memory 330.
  • the transmitting/receiving unit 320 communicates with the PN GW 20 and the service/content providing server 40 according to a control of the controller 310.
  • the third memory 330 registers and stores PNE information transferred from the PN GW 20.
  • the third memory 330 stores various contents and services to be provided to the PNEs, and also stores a service matching table corresponding to each of the contents and services.
  • the service matching table includes information regarding minimum device functions and capabilities required for the PNEs that will receive and process a corresponding content or service. Further, the third memory 330 stores information required for an authentication of the PNE according to characteristics of the present invention, which is described later herein.
  • the controller 310 controls a general operation of the CPNS server 30.
  • a PNE authentication method implemented according to characteristics of the present invention may be divided into two types.
  • a first type corresponds to a method of authenticating the PNE through a serial number generated and assigned only by a manufacturer device managing service
  • a second type corresponds to an authentication method in which there is a minimum number of displays in the device and numbers or letters can be expressed in the displays of the device.
  • a mutual authentication method between the PNE and the CPNS server by using a hash-chain is described as follows with reference to FIGs. 5-7.
  • the CPNS server registers a required PNE hardware inherent value (serial number) in advance and uses the registered value in a device authentication.
  • the hash-chain method encrypts and stores secret information and then receives an authentication value from the PN GW to authenticate the PNE when needed.
  • Table 1 below includes a listing of terms and definitions corresponding to the method, which are described in further detail later herein.
  • a process of storing PNE authentication information according to the hash-chain method is described as follows with reference to FIGs. 5-7.
  • FIG. 5 is flowchart illustrating a process of storing PNE authentication related information for a PNE authentication in a CPNS server according to an embodiment of the present invention.
  • a CPNS server 30 sends a request for a PNE assignment key (TK PNE ) according to a PNE identifier (SN PNE ) to the manufacturer device managing server 50 and stores the requested information.
  • TK PNE PNE assignment key
  • SN PNE PNE identifier
  • the following described operations may be performed in an operation in which the CPNS server 30 stores the PNE assignment key according to the PNE identifier.
  • step 501 for a PNE registration process, the CPNS server 30 configures a secure channel with the PN GW 20 through a web service and then provides a PNE registration service to a user. If step 501 is performed, then step 502 is not performed. Similarly, if step 502 is performed, step 501 is not performed. In step 502, for the PNE registration process, the PN GW 20 configures a secure channel with the CPNS server 30 and then provides a PNE registration service to a user.
  • the user physically identifies SN PNE of the PNE through step 501 or step 502 and then registers the SN PNE in the CPNS server 30.
  • the SN PNE corresponds to a number provided to a PNE user when purchasing the PNE and is not stored in a storage space of the PNE.
  • the SN PNE refers to a PNE entity IDentifier (ID) and is indicated as an SN.PNE or an SN.PNGW according to a PNE’s role acting as the PNE or the GW, respectively.
  • ID PNE entity IDentifier
  • the CPNS server 30 has sufficient secure storage space.
  • the CPNS server 30 After receiving the SN PNE from the user, configures a secure channel with the manufacturer device managing server 50 through a mutual authentication process using a base authentication technology (e.g. 3 rd Generation Partnership Project (3GPP) Generic Bootstrapping Architecture (GBA)) for a SN PNE identification.
  • a base authentication technology e.g. 3 rd Generation Partnership Project (3GPP) Generic Bootstrapping Architecture (GBA)
  • GBA Generic Bootstrapping Architecture
  • step 506 the manufacturer device managing server 50 identifies whether serial numbers other than SN PNE extensions (*.PNE, *.PNGW) are valid.
  • step 507 when the identification process is completed, the manufacturer device managing server 50 transmits the TK PNE , which is secret information corresponding to the SN PNE , to the CPNS server 30 through the secure channel.
  • the CPNS server 30 stores the SN PNE input by the user and the TK PNE transmitted from the manufacturer device managing server 50 in its storage space.
  • the SN PNE and the TK PNE are used in an authentication procedure of the CPNS server 30 in the future.
  • FIG. 6 is a flowchart illustrating a process of storing a PNE authentication key (AK PNE ) in a PN GW and a PNE for PNE authentication according to an embodiment of the present invention.
  • AK PNE PNE authentication key
  • the following operations may be performed in connection with an operation of storing a PNE authentication value in the PNE 10 and the PN GW 20.
  • the PNE 10 initially stores its inherent TK PNE in a manufacturing process. Meanwhile the PN GW 20 does not initially store information on the PNE 10, because the PN GW 20 does not know which PNE will be registered in the PN GW 20 itself. However, a secure storage space for securely storing PNE information is required in a PNE registration. Further, the CPNS server 30, having performed the process of storing the PNE assignment key and the SN PNE of the PNE 10 in the CPNS server 30 as shown in FIG. 5, stores the SN PNE and the TK PNE , which are information regarding the PNE 10, in the secure storage space.
  • step 601 for a PNE-PN GW registration process, the user inputs the SN PNE and a random N PNE in the PN GW 20.
  • the count refers to a count value managed by the GW.
  • the count is initially set as “1” and is increased by “1” in each subsequent authentication process.
  • the K PW1 refers to a security key value for additionally encrypting a PNE authentication key that will be stored in the PNE 10 in the future, and a generation of the K PW1 may not be performed depending on a security level.
  • the PN GW 20 performs a mutual authentication process with the CPNS server 30 by using a base authentication technology (e.g., 3GPP GBA) and then configures a secure channel.
  • a base authentication technology e.g., 3GPP GBA
  • the PN GW 20 transmits the SN PNE and the N PNE to the CPNS server 30 through the secure channel.
  • the SN PNE and the N PNE may be encrypted by using a shared key K GS between the PN GW 20 and the CPNS server 30 and then the encrypted SN PNE and the N PNE is transmitted, as an example but the present invention is not limited thereto and other various schemes may be applied in accordance with embodiments of the present invention.
  • the CPNS server 30 generates an authentication value chain of the PNE 10 through the created Seed PNE as follows:
  • AK n-1 H(AK n )
  • AK n-2 H(AK n-1 )
  • AK 1 H(AK 2 )
  • the authentication value chain is generated to compensate for a difficulty of implementing a space in which the PNE 10 can securely and permanently store one PNE authentication value.
  • the AK PNE can be renewed within the generated chain value whenever the PNE 10 requests an authentication or the authentication value chain is expired, so that the security can be guaranteed even though the PNE authentication value is exposed to an outside entity.
  • a length of the authentication chain is determined by a service provider, and an expired authentication chain should be updated through communication between the PN GW 20 and the CPNS server 30. For example, when a service renewal attempt is performed every 30 days, a length of the authentication chain is set to be 30 chains long. When a service renewal attempt is performed annually, a length of the authentication chain may be set to be 365 chains long. In order to renew the expired authentication chain, the PNE 10 user should input an appropriate SN PNE again and pass a registration process.
  • the CPNS server 30 In step 605, the CPNS server 30 generates the PNE authentication value chain and then transmits [AK PNE ] and TK PNE to the PN GW 20.
  • the [AK PNE ] and the TK PNE may be encrypted by using a shared key K GS between the PN GW 20 and the CPNS server 30 and then the encrypted [AK PNE ] and the TK PNE is transmitted as an example, but the present invention is not limited thereto and other various schemes may be applied in accordance with embodiments of the present invention.
  • step 606 the PN GW 20 receives the [AK PNE ] and the TK PNE , and then the PN GW 20 stores information on the [AK PNE ] and the TK PNE in its storage space.
  • the PN GW 20 encrypts AK 1 corresponding to a first authentication value among the [AK PNE ] using the K PW1 , encrypts the encrypted AK 1 ,that is E_K PW1 (AK 1 ), using the TK PNE , and transmits the encrypted AK 1 , that is E_ TK PNE (E_K PW1 (AK 1 )), to the PNE 10.
  • the AK 1 among the [AK PNE ] is encrypted by using the K PW1 in order to prevent the AK 1 from being known through information stored in the PNE 10, even if the PNE 10 is stolen.
  • the process of encrypting the AK 1 using the K PW1 may be omitted when the K PW1 is not generated in step 601 as necessary.
  • the encrypted the AK 1 by using K PW1 is also encrypted by using the TK PNE in order to provide the safety a transmission channel between the PNE 10 and the PN GW 20.
  • step 608 the PNE 10 stores the encrypted E_K PW1 (AK 1 ) in its storage space.
  • FIG. 7 is a flowchart illustrating a process of storing PNE authentication information according to another embodiment of the present invention.
  • the following operations may be performed in a series of operations for storing a PNE authentication key and PNE assignment keys between the PNE 10, the PN GW 20, the CPNS server 30, and the manufacturer device managing server 50.
  • step 701 he user inputs the SN PNE and the N PNE in the PN GW 20.
  • the count which refers to a count value managed by the GW, is initially set as “1” and is increased by “1” in each authentication process performed in the future.
  • the SN PNE is a PNE 10 entity ID and is indicated as an SN.PNE or an SN.PNGW according to a PNE 10’s role acting as the PNE 10 or the GW, respectively.
  • the K PW1 is a security key value for additionally encrypting a PNE authentication key that will be stored in the PNE 10 in the future, and the K PW1 may not be generated depending on a security level.
  • the PN GW 20 performs a mutual authentication process with the CPNS server 30 by using a base authentication technology (e.g., 3GPP GBA) and then configures a secure channel.
  • a base authentication technology e.g., 3GPP GBA
  • the PN GW 20 transmits the SN PNE and the N PNE to the CPNS server 30 through the secure channel.
  • the SN PNE and the N PNE may be encrypted by using a shared key K GS between the PN GW 20 and the CPNS server 30, and then the encrypted SN PNE and the N PNE may be transmitted as an example
  • the present invention is not limited to this scheme, and other such schemes may be used in accordance with embodiments of the present invention.
  • the CPNS server 30 generates an authentication value chain of the PNE 10 through the created Seed PNE as follows:
  • AK n-1 H(AK n )
  • AK n-2 H(AK n-1 )
  • AK 1 H(AK 2 )
  • a length of the authentication chain is determined by a service provider, and an expired authentication chain should be updated through communication between the PN GW 20 and the CPNS server 30. For example, when a service renewal attempt is performed every 30 days, a length of the authentication chain is set to be 30 chains long. When a service renewal attempt is performed annually, a length of the authentication chain may be set to be 365 chains long. In order to renew the expired authentication chain, the PNE 10 user should input an appropriate SN PNE again and pass a registration process.
  • step 705 the CPNS server 30 transmits the SN PNE to the manufacturer device managing server 50 through the secure channel.
  • the manufacturer device managing server 50 identifies whether serial numbers other than SN PNE extensions (*.PNE, *.PNGW) are valid.
  • step 707 after the identification is complemented, the manufacturer device managing server 50 transmits the PNE assignment key (TK PNE ) corresponding to the SN PNE to the CPNS server 30 through the secure channel.
  • TK PNE PNE assignment key
  • the CPNS server 30 stores the SN PNE input by the user and the TK PNE , which corresponds to the SN PNE , is transmitted from the manufacturer device managing server 50 in a secure storage space.
  • the SN PNE and the TK PNE are used in an authentication procedure of the PNE 10 and the CPNS server 30 in the future.
  • the CPNS server 30 In step 709, the CPNS server 30 generates the authentication value chain of the PNE 10 and then transmits the [AK PNE ] and the TK PNE to the PN GW 20 through the secure channel.
  • the [AK PNE ] and the TK PNE may be encrypted by using a shared key K GS between the PN GW 20 and the CPNS server 30, and then the encrypted the [AK PNE ] and the TK PNE may be transmitted.
  • the present invention is not limited thereto, and other schemes may be used in accordance with embodiments of the present invention.
  • the PN GW 20 receives the [AK PNE ] and the TK PNE and then stores the received data in its storage space.
  • the PN GW 20 encrypts AK 1 corresponding to a first authentication value among the [AK PNE ] using the K PW1 , encrypts the encrypted AK 1 ,that is E_K PW1 (AK 1 ), using the TK PNE , and transmits the encrypted AK 1 , that is E_ TK PNE (E_K PW1 (AK 1 )), to the PNE 10.
  • the AK 1 among the [AK PNE ] is encrypted by using the K PW1 in order to prevent the AK 1 from being known through information stored in the PNE 10, even if the PNE 10 is stolen.
  • the process of encrypting the AK 1 using the K PW1 may be omitted when the K PW1 is not generated in step 601, as necessary.
  • the encrypted the AK 1 using K PW1 is also encrypted by using the TK PNE in order to provide the safety a transmission channel between the PNE 10 and the PN GW 20.
  • the PNE 10 stores the AK 1 or an E_K PW1 (AK 1 ) encrypted using the TK PNE in its storage space.
  • a PNE-CPNS authentication process according to the hash-chain method is described as follows with reference to FIG. 8.
  • FIG. 8 is a flowchart illustrating an authentication between the PNE and the CPNS server through a PN GW according to an embodiment of the present invention.
  • the PNE 10 stores the TK PNE , and the encrypted AK 1 using K PW1 , that is E_K PW1 (AK 1 ).
  • the PN GW 20 stores the SN PNE, the TK PNE, [AK PNE ], and count corresponding to the PNE 10.
  • THE CPNS server 30 stores the SN PNE, the TK PNE , and Seed PNE corresponding to the PNE 10.
  • the following operations may be performed in the authentication operation between the PNE 10 and the CPNS server 30 through the PN GW 20.
  • the PN GW 20 transmits a trigger message to the PNE 10 in order to enable the PNE 10 to transmit an authentication request message Authentication Request PNE .
  • the PNE 10 transmits the authentication request message Authentication Request PNE to the PN GW 20 for an authentication.
  • the PN GW 20 performs a mutual authentication process with the CPNS server 30 by using a base technology (e.g., 3GPP GBA), and then configures a secure channel.
  • the PN GW 20 transmits the authentication request message Authentication Request PNE to the CPNS server 30 through the secure channel.
  • step 805 the CPNS server 30 transmits the AN and the R to the PN GW 20 through the secure channel.
  • the PN GW 20 calculates an E_TK PNE (K PW1 ) encrypted by using the TK PNE and an E_K PW2 (AK 2 ) encrypted by using the K PW2 .
  • the PN GW 20 transmits the E_TK PNE (K PW1 ⁇ E_K PW2 (AK 2 ) ⁇ AN ⁇ R) to the PNE 10. That is, the PN GW 20 transmits the encrypted K PW1 , E_K PW2 (AK 2 ), AN and R by using the TK PNE .
  • step 808 the PNE 10 decrypts K PW1 , E_K PW2 (AK 2 ), AN and R using the TK PNE stored in its storage space.
  • the PNE 10 identifies whether the AN is generated in a proper CPNS server 30 by using the TK PNE stored in its storage space and the transmitted R and then decrypts a transmitted value to the TK PNE to obtain the K PW1 .
  • the PNE 10 decrypts the E_K PW1 (AK 1 ) using the K PW1 to obtain the AK 1 .
  • the PNE 10 also encrypts the AK1 using the TK PNE to calculate the E_TK PNE (AK 1 ).
  • the PNE 10 deletes the E_K PW1 (AK 1 ) from its storage space, stores the E_K PW2 (AK2)transmitted from the PN GW 20, and replaces the TK PNE with a TK PNE ’.
  • the PNE 10 transmits the E_TK PNE (AK 1 ) to the PN GW 20.
  • the PN GW 20 transmits the E_TK PNE (AK 1 ) received from the PNE 10 and a value C generated by subtracting “1” from the count stored in its storage space to the CPNS server 30 through the secure channel.
  • the CPNS server 30 receives the C and the E_TH PNE (AK 1 ) from the PN GW 20 and then decrypts the E_TH PNE (AK 1 ) uging the TK PNE stored in its storage space to obtain the AK 1 .
  • the CPNS server 30 identifies whether the AK 1 is the same as an H n-c+1 (Seed PNE ) by using a Seed PNE stored in its storage space.
  • the CPNS authenticates that the PNE 10 has transmitted a proper AK 1 .
  • the CPNS server 30 replaces the TK PNE with a TK PNE ’. If the AK 1 is different from the H n-c+1 (Seed PNE ), the CPNS server 30 stops an authentication session.
  • step 812 when the AK 1 identification is completed, the CPNS server 30 transmits an authentication confirmation message “Confirmation Response”.
  • the PN GW 20 transmits the Confirmation Response to the PNE 10.
  • step 813 after all authentications are completed, the PNE 10 and the CPNS server 30 generate a common session key SK by using a key derivation function KEY_DERIVATION() as defined in the following equation:
  • a password based authentication method using a PNE display is described as follows with reference to FIGs. 8-10.
  • the password based method is divided into a device registration procedure and an authentication procedure, and all PNE hardware inherent address values (MAC) are registered in a server in advance to use the values in a device authentication. Further, according to the method, it is assumed that a method of displaying simple numbers or letters is supported in most appliance terminals.
  • MAC PNE hardware inherent address values
  • FIGs. 9A and 9B are flowcharts illustrating registration of the CPNS server 30, by the PNE 10, according to another embodiment of the present invention.
  • step 901 the user sets an ID “ID USER ” and a password “PW USER ” for a service authentication and subscribes a service through a web service. At this time, the user’s ID USER and PW USER are used for the user’s service authentication. Further, the user registers a physical address (MAC PNE ) of device(s), which the user desires to use in the CPNS server 30, in the CPNS server 30.
  • step 901 is performed, step 902 of FIG. 9B is not performed. Similarly, when step 902 is performed, step 901 is not performed.
  • step 902 the user can register the ID USER and the PW USER in the CPNS server 30 by using the PN GW 20 belonging to the user for a service authentication regardless of step 901.
  • step 903 the CPNS server 30 stores user’s input ID USER , PW USER , and MAC USER in a DB.
  • a PNE authentication process according to the password based authentication method is described as follows with reference to FIG. 10.
  • FIG. 10 is a flowchart illustrating an authentication between the PNE and the CPNS server through the PN GW according to another embodiment of the present invention.
  • the following operations may be performed in an authentication operation between the PNE 10 and the CPNS server 30 through the PN GW 20.
  • step 1001 for a PNE registration process, the PN GW 20 and the CPNS server 30 have sufficient storage spaces and configure a secure channel by using a base authentication technology (e.g., 3GPP GBA) after a mutual authentication process.
  • a base authentication technology e.g., 3GPP GBA
  • 3GPP GBA 3GPP GBA
  • step 1002 the PNE 10 performs a pairing process with a PN GW 20, which becomes a GW of the PNE 10.
  • step 1003 the PNE 10 makes an authentication request from the PN GW 20.
  • the user is an entity that first attempts the authentication request, so that the user may construct a specific function enabling the PNE 10 to make the authentication request or construct a user interface allowing the user to make the authentication request from the PN GW 20 itself.
  • step 1004 in the authentication request, the PN GW 20 stores a physical address of the PNE 10 trying to make the authentication request.
  • the PN GW 20 transmits an authentication request message Authentication Request to the CPNS server 30.
  • the PN GW 20 also transmits the MAC USER of the PNE 10 making the authentication request.
  • the CPNS server 30 having received the Authentication Request, searches for a corresponding MAC USER in its user DB, and generates a random number R to be used for an authentication session when an existing record is found. If there is no corresponding MAC USER in its DB, the CPNS rejects the authentication.
  • the CPNS server 30 includes the R in the Authentication Response and transmits the Authentication Response.
  • the PN GW 20 stores the R included in the transmitted Authentication Response and generates a NONCE to be used for a PN generation.
  • the PN GW 20 includes the R and the NONCE in the Authentication Response and transmits the Authentication Response to the PNE 10.
  • step 1010 the PNE 10 generates a Personal Identification Number (PIN) through a set PIN generation function GEN_PIN() as defined in the following equation:
  • PIN GEN_PIN (R, NONCE, MAC USER )
  • the PNE 10 also generates a Random PIN (RP). At this time, in a display of the PNE 10, a number is used or a number and a character string are mixedly used as an expressible character string. The PNE 10 expresses generated information in a form of PIN ⁇ RP in the display and waits for a response.
  • RP Random PIN
  • step 1011 the user inputs the PIN ⁇ RP expressed in the display in the PN GW 20.
  • the user directly inputs the expressed information in the PN GW 20 without passing through a channel configured between the PNE 10 and the PN GW 20, so that secure communication can be performed independent of a confidentiality of a channel between the PNE 10 and the PN GW 20.
  • the PN GW 20 generates a PIN’ as shown in the following equation and attempts verification:
  • PIN GEN_PIN(R, NONCE, MAC USER )
  • a load generated in the server authentication may be reduced through first blocking an incorrect authentication request by the PN GW 20.
  • the PN GW 20 when the PIN information is correct, the PN GW 20 additionally receives an input of the ID USER /PW USER from the user. Further, a server authentication value W for the server authentication of the PNE 10 is generated by using the input PW USER as defined in the following equation:
  • step 1013 the PN GW 20 transmits a confirmation request message Confirmation Request to the CPNS server 30.
  • the IDUSER, the W, the NONCE, and the RP are included in the message.
  • step 1014 the CPNS server 30 calculates a PIN’ and a W’ as shown in the following equations and inspects an effectiveness of the user and the PNE 10:
  • PIN’ GEN_PIN(R, NONCE, MAC USER )
  • step 1015 the CPNS server 30 transmits the authentication confirmation message Confirmation Response.
  • the PN GW 20 transfers the Confirmation Response to the PNE 10 and continuously performs a GW service.
  • step 1016 after all authentications are completed, the PNE 10 and the CPNS server 30 generate a common session key SK by using a key derivation function KEY_DERIVATION() as defined in the following equation:
  • the CPNS server 30 can authenticate the PNE 10, which is a heterogeneous device, through the PN GW 20, which can securely communicate with the CPNS server 30, without a separate secure storage space in the PNE 10. Further, the PNE authentication method provides a scheme capable of effectively authenticating a device, which a user desires to authenticate but has no input apparatus and cannot directly communicate with the server.

Abstract

A method of authenticating a Personal Network Entity (PNE) is provided. The method includes transmitting a PNE serial number (SNPNE) to a CPNS (Converged Personal Network Service) server by a Personal Network GateWay (PN GW); storing an authentication value chain of a PNE transmitted from the CPNS server and an inherent assignment key (TKPNE) that is secret information of a corresponding PNE; encrypting a selected authentication value from among the authentication value chain with the inherent assignment key of the corresponding PNE to transmit the encrypted authentication value to the corresponding PNE and storing the encrypted authentication value in the corresponding PNE; and performing an authentication procedure between the PNE and the CPNS server by using the encrypted authentication value stored in the PNE.

Description

METHOD AND DEVICE FOR AUTHENTICATING PERSONAL NETWORK ENTITY
The present invention relates generally to a personal network, and more particularly to a method and device for authenticating a personal network entity in a personal network.
With an exponential increase in use of Consumer Electronics (CE) devices in which short distance communication is enabled (e.g., an Motion Picture Experts’ Group Audio-Layer 3 (MP3) player, a Portable Multimedia Player (PMP), a game machine, a netbook, etc.), users seek methods for conveniently downloading content to such devices.
A user may search for reproducible content in consumer electronics over the Internet by using a Personal Computer (PC) and then download the searched content. After downloading the content to the PC, when a consumer electronics device and the PC are connected to each other through a dedicated cable, the consumer electronics device can download the content from the PC. In another similar process, the cable may be replaced with a Bluetooth connection (i.e., a BLUETOOTH® specification-compliant connection), and the content can be shared between devices by using a Bluetooth scheme.
However, methods by which consumer electronics devices can directly access a long distance communication network are highly limited. For example, some of consumer electronics devices can access a long distance communication network only when accessing Internet through a Wireless-Fidelity (Wi-Fi) connection in an area where there is an Access Point (AP). Accordingly, there is a need for a method by which consumer electronics devices (which may have access to short distance communications without an ability to directly access a long distance communication network) may access a long distance communication network through a gateway to download content. According to this need, a CPNS (Converged Personal Network Service) is proposed.
The CPNS refers to a service for providing a corresponding service or a content after one Personal Network (hereinafter, referred to as a “PN”) configured by a combination of a device, which acts as a gateway in charge of communication with a long distance communication network, and a consumer electronics device, which reproduce an actual service and content, is constructed such that the consumer electronics device accesses a service/content providing server located in the long distance communication network through the device acting as the gateway. In such a CPNS, the device acting as the gateway is referred to as a Personal Network (PN) gateway and the consumer electronics device accessing the long distance communication network through the PN gateway are referred to as a Personal Network Entity (PNE).
Meanwhile, in such a PN, an authentication protocol suitable for each PNE is required prior to providing a service to each PNE. The authentication protocol corresponds to a protocol performed to recognize communication entities and is implemented in advance in order to perform other communications via the protocol in the future.
A method for a general device authentication protocol is largely divided into a method of using a symmetric key and a method of using a public key. However, both of methods require a secure storage apparatus for their devices since the two methods perform an authentication after storing a key. In particular, in the public key method, authentication is performed after a private key of the device is stored, and in the symmetric key method, authentication is performed after a secret key of the device is stored. However, when there is no secure storage apparatus in the device, it is possible to copy secret information from a storage space of the device vulnerable to attacks in comparison with a server, so that the copied secret information may be used for a malicious authentication of the device.
However, the PNE device cannot directly communicate with the PN server, and the PNE device may also operate in various environments including devices such as a fax machine, a scanner, a printer, a TeleVision (TV), a set top box, an audio, a camera, an MP3 player, a PMP, a refrigerator, a washing machine, a microwave oven, etc. Accordingly, a conventional authentication method is not suitable for the PNE device, and all devices using such a system should implement secure storage spaces in order to protect against malicious authentication.
Accordingly, the present invention has been made to solve the above-stated problems occurring in the prior art, and the present invention provides a method and device for authenticating a PNE which is a heterogeneous device through a PN GW which can securely communicate with a CPNS server in an environment where the PNE and the PN GW have a transmission channel which cannot guarantee the safety between them and the PNE cannot have a secure storing apparatus.
The present invention also provides a method and device for authenticating a device desired to be authenticated by a user, the device not having an input apparatus and not being able to directly communicate with a server.
In accordance with an aspect of the present invention, there is provided a method of authenticating a Personal Network Entity (PNE). The method includes transmitting, by a Personal Network GateWay (PN GW) a PNE serial number (SNPNE) to a CPNS (Converged Personal Network Service) server; storing an authentication value chain of a PNE received from the CPNS server and an inherent assignment key (TKPNE) that is secret information of a corresponding PNE; encrypting a selected authentication value from among the authentication value chain with the inherent assignment key of the corresponding PNE; transmitting the encrypted authentication value to the corresponding PNE; storing, by the corresponding PNE, the encrypted authentication value; and performing an authentication procedure between the PNE and the CPNS server by using the encrypted authentication value stored in the PNE.
In accordance with another aspect of the present invention, there is provided a method of authenticating a Personal Network Entity (PNE). The method includes storing, by a PN GW (Personal Network GateWay), when a PNE requests an authentication, a physical address (MACPNE) of the PNE and transferring the physical address (MACPNE) of the PNE together with the authentication request to a CPNS (Converged Personal Network Service) server; identifying, by the CPNS server, the physical address (MACPNE) of the PNE, generating a random number R to be used in an authentication session, and transmitting the R together with an authentication response; storing, by the PN GW, the R transmitted from the CPNS server, generating a NONCE to be used for a PIN generation, and transmitting the R and the NONCE together with the authentication response to the PNE; generating, by the PNE, a Personal Identification Number (PIN) through a preset PIN generation function, generating a Random Pin (RP), and displaying information on the generated PIN and RP; performing, by the PN GW upon receiving inputs of the PIN and the RP displayed in the PNE from a user, a verification of the PIN input through the PIN generation function; receiving, by the PN GW, when the verification of the PIN is completed, inputs of a user ID (IDUSER) and a user password (PWUSER) from the user, applying the user ID (IDUSER) and the user password (PWUSER) to a hash function H() to generate a value W required when the PNE requests an authentication from the CPNS server, transmitting the user ID (IDUSER), the W, the NONCE, and the RP to the CPNS server, and making an identification request; identifying, by the CPNS server, information for the identification request transmitted from the PN GW, identifying an effectiveness of the user and the PNE, and transmitting an authentication confirmation message to the PN GW; and transferring, by the PN GW, the authentication confirmation message to the PNE, and completing an authentication procedure.
According to a PNE authentication method according to embodiments of the present invention, a CPNS server can authenticate a PNE, which is a heterogeneous device, through the PN GW, which can securely communicate with the CPNS server, without a separate secure storage space in the PNE. Further, the PNE authentication method provides a scheme capable of effectively authenticating a device, which a user desires to authenticate but has no input apparatus and cannot directly communicate with the server.
FIG. 1 is a diagram of a CPNS system to which an embodiment of the present invention is applied;
FIGs. 2, 3, and 4 are block diagrams of a PNE, a PN gateway, and a CPNS server according to an embodiment of the present invention, respectively;
FIG. 5 is flowchart illustrating a process of storing PNE authentication related information for a PNE authentication in a CPNS server according to an embodiment of the present invention;
FIG. 6 is a flowchart illustrating a process for storing PNE authentication related information for a PNE authentication in a PN GW and a PNE according to an embodiment of the present invention;
FIG. 7 is a flowchart illustrating a process for storing PNE authentication related information for a PNE authentication in a CPNS server, a PN GW and a PNE according to another embodiment of the present invention;
FIG. 8 is a flowchart illustrating authentication between a PNE and a CPNS server through a PN GW according to an embodiment of the present invention;
FIGs. 9A and 9B are flowcharts illustrating registration of a CPNS server by a PNE according to another embodiment of the present invention; and
FIG. 10 is a flowchart illustrating authentication between a PNE and a CPNS server through a PN GW according to another embodiment of the present invention.
Hereinafter, the embodiments of the present invention are described with reference to the accompanying drawings. In the following description, a detailed explanation of known related functions and constitutions may be omitted to avoid unnecessarily obscuring the subject matter of the present invention.
FIG. 1 is a diagram of a CPNS system according to an embodiment of the present invention.
Referring to FIG. 1, a CPNS system according to an embodiment of the present invention may include one or more Personal Network Entities (PNEs) 10 and 12, a Personal Network GateWay (PN GW) 20, a CPNS server 30, and a service/content providing server 40 and may include a manufacturer device managing server 50, which can be connected to the above elements through an internet, as well.
The service/content providing server 40 is located in an external network, and corresponds to a device providing a service or content that a user can use in the CPNS server 30. For example, the external network may be an Internet and/or a mobile phone network. Further, the CPNS server 30 may include the service/content providing server 40 and the manufacturer device managing server 50.
The PNEs 10 and 12 refer to user terminal devices directly executing a service. For example, the PNEs may include devices such as an MP3 player, a PMP, a mobile communication terminal, etc., and the PNEs reproduce content stored in them to provide a user with a service. The PNEs 10 and 12 have a short distance communication module therein in order to perform short distance communication with another neighboring device, i.e., another PNE or a PN gateway.
The PNEs 10 and 12 are electronic devices that directly provide a service to a user. For example, the PNE may include various types of electronic devices, such as an MP3 player, a PMP, a game machine, a notebook, a navigation unit, etc., as well as consumer electronics such as a refrigerator. The electronic devices receive content requested by a user from the service/content providing server 40 and reproduce the content so that the user can receive a service. The PNEs 10 and 12 have a short distance communication module therein so they can perform short distance communication with another neighboring device (i.e., another PNE or PN gateway).
The PNEs 10 and 12 perform a pairing with the PN GW 20 in a short distance communication scheme and configure a personal network with the PN GW 20, so that the PNEs 10 and 12 can access the CPNS server 30 through the PN GW 20 and receive a content provided by the service/content providing server 40 to use a CPNS.
In this example, configuration of the personal network refers to an identification of a role of each physically paired device and a configuration of a network between the PNEs 10 and 12 and the PN GW 20 in order to provide a CPNS. For the configuration, a determination is performed as to whether there are CPNS resources between the PNEs 10 and 12 and the PN GW 20, as well as whether the device can use the CPNS through an authentication and an authorization, and a device’s role is identified. As described above, a process of identifying whether the device is operated with a GW mode or a PNE mode is performed, so that a network is formed in an aspect of an application for providing the CPNS. Through the personal network formed as described above, the PNEs 10 and 12 can access the CPNS server 30 of a service provider network by using a communication function of the PN GW 20.
The PN GW 20 is a device capable of accessing the CPNS server 30 located in an external network, i.e., the service provider network. Further, the PN GW 20 can configure a personal network with the PNEs 10 and 12 and relays a CPNS system message and a service or a content transmission between the CPNS server 30 and the PNEs 10 and 12. That is, when the PNEs 10 and 12 included in the personal network 30 request a service, the PN GW 20 performs a relay function to transfer the service to the CPNS server 30. Further, the PN GW 20 transfers a service or content provided by the CPNS server 30 to the PNEs 10 and 12. The PN GW 20 may be a device such as, a mobile phone, a PDA, a set top box, etc.
The CPNS server 30 registers and manages the PN GW 20, the PNEs 10 and 12, and the personal network according to a registration request from the PN GW 20, and processes a request for a service or a content transferred by the PNEs 10 and 12 through the PN GW 20. When the service or the content corresponding to the request can be provided by the CPNS server 30, the CPNS server 30 provides the requested service and content to the PNEs 10 and 12 through the PN GW 20. Further, when the service or the content corresponding to the request can be provided by the CPNS server 30, the request is transferred to the external service/content providing server 40 and the corresponding service or content is provided to the PNEs 10 and 12 through the PN GW 20.
FIG. 2 is block diagram of PNEs according to an embodiment of the present invention.
Referring to FIG. 2, the PNEs 10 and 12 include a PN connection controller 110, a first short distance communication module 120, and a first memory 130. The first short distance communication module 120 performs short distance communication and may perform, for example, Bluetooth communication, Zigbee communication (i.e., ZIGBEE® specification-compliant communication), Infrared Data Association (IrDA) communication (i.e., IRDA® specification-compliant communication), visible light communication, etc. The first memory 130 may be used as a working memory of the PN connection controller 110, may store various program data, which are required for configuring a personal network, containing information required for an authentication procedure according to characteristics of the present invention which will be described later, and may store device information. The first memory 130 also stores information on various services provided from the CPNS server 30 through the PN GW 20. The PN connection controller 110 controls all operations of the PNEs 10 and 12 related to a configuration and a release of the personal network and the authentication procedure according to characteristics of embodiments of the present invention, which are described later herein, and controls an operation related to a service or a content request and a service or a content reception through the configured personal network. Accordingly, the PN connection controller 110 controls the first short distance communication module 120 in order to configure the personal network and performs a physical for pairing with neighboring devices in order to configure a communication link. The PN connection controller 110 also searches for the PN GW in the physically paired devices and requests a network connection when the PN GW 20 is detected.
FIG. 3 is a block diagram of a PN GW according to an embodiment of the present invention.
Referring to FIG. 3, the PN GW 20 includes a PN manager 210, a second short distance communication module 220, a second memory 230, and a communication unit 240. The second short distance module 220 performs short distance communication and may perform, for example, Bluetooth communication, Zigbee communication, IrDA communication, visible light communication, etc. The communication unit 240 performs communication with entities of an external network and transmits/receives messages and data to/from the CPNS server 30 and the service/content providing server 40. The second memory 230 may be a working memory of the PN manager 210, and may store various program data required for a personal network configuration. The second memory 230 also stores information on the PNEs connected to the personal network and information regarding a device corresponding to each PNE, including information required for an authentication procedure described later herein. The PN manager 210 controls a general operation of the PN GW 20 related to the personal network.
FIG. 4 is a block diagram of a CPNS server according to an embodiment of the present invention.
Referring to FIG. 4, the CPNS server 30 includes a controller 310, a transmitting/receiving unit 320, and a third memory 330. The transmitting/receiving unit 320 communicates with the PN GW 20 and the service/content providing server 40 according to a control of the controller 310. The third memory 330 registers and stores PNE information transferred from the PN GW 20. The third memory 330 stores various contents and services to be provided to the PNEs, and also stores a service matching table corresponding to each of the contents and services. The service matching table includes information regarding minimum device functions and capabilities required for the PNEs that will receive and process a corresponding content or service. Further, the third memory 330 stores information required for an authentication of the PNE according to characteristics of the present invention, which is described later herein. The controller 310 controls a general operation of the CPNS server 30.
In the above-described CPNS system according to embodiments of the present invention, a PNE authentication method implemented according to characteristics of the present invention may be divided into two types. A first type corresponds to a method of authenticating the PNE through a serial number generated and assigned only by a manufacturer device managing service, and a second type corresponds to an authentication method in which there is a minimum number of displays in the device and numbers or letters can be expressed in the displays of the device.
A mutual authentication method between the PNE and the CPNS server by using a hash-chain according to an embodiment of the present invention is described as follows with reference to FIGs. 5-7. In this hash-chain method, the CPNS server registers a required PNE hardware inherent value (serial number) in advance and uses the registered value in a device authentication.
Since it is difficult to assume that all PNEs have secure storage spaces, the hash-chain method encrypts and stores secret information and then receives an authentication value from the PN GW to authenticate the PNE when needed.
Table 1 below includes a listing of terms and definitions corresponding to the method, which are described in further detail later herein.
Table 1
Terms Contents
KSM Shared Key between the CPNS server and the manufacturer
KGS Shared key between the PN GW and the CPNS server
AKPNE PNE authentication value, authentication key
[AKPNE] Set of the PNE authentication values
SNPNE Serial number which is not stored in the memory of the PNE
E_K() / D-K() Encryption / Decryption using K
TKPNE PNE assignment key (Temporary Key), Key used for transmitting secure data between the PNE and the PN GW or used for authenticating the CPNS server by the PNE
SeedPNE Seed value for a hash-chain of the PNE
H Secure hash function in cryptography (e.g.: SHA1)
A process of storing PNE authentication information according to the hash-chain method is described as follows with reference to FIGs. 5-7.
FIG. 5 is flowchart illustrating a process of storing PNE authentication related information for a PNE authentication in a CPNS server according to an embodiment of the present invention.
Referring to FIG. 5, a CPNS server 30 according to an embodiment of the present invention sends a request for a PNE assignment key (TKPNE) according to a PNE identifier (SNPNE) to the manufacturer device managing server 50 and stores the requested information. The following described operations may be performed in an operation in which the CPNS server 30 stores the PNE assignment key according to the PNE identifier.
In step 501, for a PNE registration process, the CPNS server 30 configures a secure channel with the PN GW 20 through a web service and then provides a PNE registration service to a user. If step 501 is performed, then step 502 is not performed. Similarly, if step 502 is performed, step 501 is not performed. In step 502, for the PNE registration process, the PN GW 20 configures a secure channel with the CPNS server 30 and then provides a PNE registration service to a user.
In step 503, for the PNE registration process, the user physically identifies SNPNE of the PNE through step 501 or step 502 and then registers the SNPNE in the CPNS server 30. At this time, the SNPNE corresponds to a number provided to a PNE user when purchasing the PNE and is not stored in a storage space of the PNE. The SNPNE refers to a PNE entity IDentifier (ID) and is indicated as an SN.PNE or an SN.PNGW according to a PNE’s role acting as the PNE or the GW, respectively. The CPNS server 30 has sufficient secure storage space.
In step 504, the CPNS server 30, after receiving the SNPNE from the user, configures a secure channel with the manufacturer device managing server 50 through a mutual authentication process using a base authentication technology (e.g. 3rd Generation Partnership Project (3GPP) Generic Bootstrapping Architecture (GBA)) for a SNPNE identification. In step 505, the CPNS server 30 transmits the SNPNE to the manufacturer device managing server 50 through the secure channel.
In step 506, the manufacturer device managing server 50 identifies whether serial numbers other than SNPNE extensions (*.PNE, *.PNGW) are valid. In, step 507, when the identification process is completed, the manufacturer device managing server 50 transmits the TKPNE, which is secret information corresponding to the SNPNE, to the CPNS server 30 through the secure channel.
In step 508, the CPNS server 30 stores the SNPNE input by the user and the TKPNE transmitted from the manufacturer device managing server 50 in its storage space. The SNPNE and the TKPNE are used in an authentication procedure of the CPNS server 30 in the future.
FIG. 6 is a flowchart illustrating a process of storing a PNE authentication key (AKPNE) in a PN GW and a PNE for PNE authentication according to an embodiment of the present invention.
Referring to FIG. 6, the following operations may be performed in connection with an operation of storing a PNE authentication value in the PNE 10 and the PN GW 20.
The PNE 10 initially stores its inherent TKPNE in a manufacturing process. Meanwhile the PN GW 20 does not initially store information on the PNE 10, because the PN GW 20 does not know which PNE will be registered in the PN GW 20 itself. However, a secure storage space for securely storing PNE information is required in a PNE registration. Further, the CPNS server 30, having performed the process of storing the PNE assignment key and the SNPNE of the PNE 10 in the CPNS server 30 as shown in FIG. 5, stores the SNPNE and the TKPNE, which are information regarding the PNE 10, in the secure storage space.
In step 601, for a PNE-PN GW registration process, the user inputs the SNPNE and a random NPNE in the PN GW 20. At this time, the PN GW 20 generates KPW1=H(SNPNE ∥ count) by using the SNPNE input from the user. The count refers to a count value managed by the GW. The count is initially set as “1” and is increased by “1” in each subsequent authentication process. The KPW1 refers to a security key value for additionally encrypting a PNE authentication key that will be stored in the PNE 10 in the future, and a generation of the KPW1 may not be performed depending on a security level.
In step 602, the PN GW 20 performs a mutual authentication process with the CPNS server 30 by using a base authentication technology (e.g., 3GPP GBA) and then configures a secure channel.
In step 603, the PN GW 20 transmits the SNPNE and the NPNE to the CPNS server 30 through the secure channel. At this time, according to embodiments of the present invention the SNPNE and the NPNE may be encrypted by using a shared key KGS between the PN GW 20 and the CPNS server 30 and then the encrypted SNPNE and the NPNE is transmitted, as an example but the present invention is not limited thereto and other various schemes may be applied in accordance with embodiments of the present invention.
In step 604, through the SNPNE, the CPNS server 30 identifies that a device user has input the SNPNE through the PN GW 20 and then generates a random number NServer to create SeedPNE=H(NPNE ∥ NServer). Next, the CPNS server 30 generates an authentication value chain of the PNE 10 through the created SeedPNE as follows:
AKn=H(SeedPNE)
AKn-1=H(AKn)
AKn-2=H(AKn-1)
...
AK2=H(AK3)
AK1=H(AK2)
The authentication value chain is generated to compensate for a difficulty of implementing a space in which the PNE 10 can securely and permanently store one PNE authentication value. The AKPNE can be renewed within the generated chain value whenever the PNE 10 requests an authentication or the authentication value chain is expired, so that the security can be guaranteed even though the PNE authentication value is exposed to an outside entity.
A length of the authentication chain is determined by a service provider, and an expired authentication chain should be updated through communication between the PN GW 20 and the CPNS server 30. For example, when a service renewal attempt is performed every 30 days, a length of the authentication chain is set to be 30 chains long. When a service renewal attempt is performed annually, a length of the authentication chain may be set to be 365 chains long. In order to renew the expired authentication chain, the PNE 10 user should input an appropriate SNPNE again and pass a registration process.
In step 605, the CPNS server 30 generates the PNE authentication value chain and then transmits [AKPNE] and TKPNE to the PN GW 20. According to embodiments of the present invention, the [AKPNE] and the TKPNE may be encrypted by using a shared key KGS between the PN GW 20 and the CPNS server 30 and then the encrypted [AKPNE] and the TKPNE is transmitted as an example, but the present invention is not limited thereto and other various schemes may be applied in accordance with embodiments of the present invention.
In step 606, the PN GW 20 receives the [AKPNE] and the TKPNE, and then the PN GW 20 stores information on the [AKPNE] and the TKPNE in its storage space.
In step 607, the PN GW 20 encrypts AK1 corresponding to a first authentication value among the [AKPNE] using the KPW1, encrypts the encrypted AK1,that is E_KPW1(AK1), using the TKPNE, and transmits the encrypted AK1, that is E_ TKPNE (E_KPW1(AK1)), to the PNE 10. The AK1 among the [AKPNE] is encrypted by using the KPW1 in order to prevent the AK1 from being known through information stored in the PNE 10, even if the PNE 10 is stolen. The process of encrypting the AK1 using the KPW1 may be omitted when the KPW1 is not generated in step 601 as necessary. The encrypted the AK1 by using KPW1 is also encrypted by using the TKPNE in order to provide the safety a transmission channel between the PNE 10 and the PN GW 20.
In step 608, the PNE 10 stores the encrypted E_KPW1(AK1) in its storage space.
FIG. 7 is a flowchart illustrating a process of storing PNE authentication information according to another embodiment of the present invention.
Referring to FIG. 7, the following operations may be performed in a series of operations for storing a PNE authentication key and PNE assignment keys between the PNE 10, the PN GW 20, the CPNS server 30, and the manufacturer device managing server 50.
In step 701, he user inputs the SNPNE and the NPNE in the PN GW 20. At this time, the PN GW 20 generates KPW1=H(SNPNE∥count) by using the SNPNE. The count, which refers to a count value managed by the GW, is initially set as “1” and is increased by “1” in each authentication process performed in the future. The SNPNE is a PNE 10 entity ID and is indicated as an SN.PNE or an SN.PNGW according to a PNE 10’s role acting as the PNE 10 or the GW, respectively. The KPW1 is a security key value for additionally encrypting a PNE authentication key that will be stored in the PNE 10 in the future, and the KPW1 may not be generated depending on a security level.
In step 702, the PN GW 20 performs a mutual authentication process with the CPNS server 30 by using a base authentication technology (e.g., 3GPP GBA) and then configures a secure channel.
In step 703, the PN GW 20 transmits the SNPNE and the NPNE to the CPNS server 30 through the secure channel. According to embodiments of the present invention the SNPNE and the NPNE may be encrypted by using a shared key KGS between the PN GW 20 and the CPNS server 30, and then the encrypted SNPNE and the NPNE may be transmitted as an example However, the present invention is not limited to this scheme, and other such schemes may be used in accordance with embodiments of the present invention. In step 704, the CPNS server 30 identifies the SNPNE and the NPNE, and then generates a random number NServer to create SeedPNE=H(NPNE ∥ NServer). Next, the CPNS server 30 generates an authentication value chain of the PNE 10 through the created SeedPNE as follows:
AKn=H(SeedPNE)
AKn-1=H(AKn)
AKn-2=H(AKn-1)
...
AK2=H(AK3)
AK1=H(AK2)
A length of the authentication chain is determined by a service provider, and an expired authentication chain should be updated through communication between the PN GW 20 and the CPNS server 30. For example, when a service renewal attempt is performed every 30 days, a length of the authentication chain is set to be 30 chains long. When a service renewal attempt is performed annually, a length of the authentication chain may be set to be 365 chains long. In order to renew the expired authentication chain, the PNE 10 user should input an appropriate SNPNE again and pass a registration process.
In step 705, the CPNS server 30 transmits the SNPNE to the manufacturer device managing server 50 through the secure channel. In step 706, the manufacturer device managing server 50 identifies whether serial numbers other than SNPNE extensions (*.PNE, *.PNGW) are valid. In step 707, after the identification is complemented, the manufacturer device managing server 50 transmits the PNE assignment key (TKPNE) corresponding to the SNPNE to the CPNS server 30 through the secure channel.
In step 708, the CPNS server 30 stores the SNPNE input by the user and the TKPNE, which corresponds to the SNPNE, is transmitted from the manufacturer device managing server 50 in a secure storage space. The SNPNE and the TKPNE are used in an authentication procedure of the PNE 10 and the CPNS server 30 in the future.
In step 709, the CPNS server 30 generates the authentication value chain of the PNE 10 and then transmits the [AKPNE] and the TKPNE to the PN GW 20 through the secure channel. According to embodiments of the present invention, the [AKPNE] and the TKPNE may be encrypted by using a shared key KGS between the PN GW 20 and the CPNS server 30, and then the encrypted the [AKPNE] and the TKPNE may be transmitted. However, the present invention is not limited thereto, and other schemes may be used in accordance with embodiments of the present invention.
In step 710, the PN GW 20 receives the [AKPNE] and the TKPNE and then stores the received data in its storage space. In step 711, the PN GW 20 encrypts AK1 corresponding to a first authentication value among the [AKPNE] using the KPW1, encrypts the encrypted AK1,that is E_KPW1(AK1), using the TKPNE, and transmits the encrypted AK1, that is E_ TKPNE (E_KPW1(AK1)), to the PNE 10. The AK1 among the [AKPNE] is encrypted by using the KPW1 in order to prevent the AK1 from being known through information stored in the PNE 10, even if the PNE 10 is stolen. The process of encrypting the AK1 using the KPW1 may be omitted when the KPW1 is not generated in step 601, as necessary. The encrypted the AK1 using KPW1 is also encrypted by using the TKPNE in order to provide the safety a transmission channel between the PNE 10 and the PN GW 20.
In step 712, the PNE 10 stores the AK1 or an E_KPW1(AK1) encrypted using the TKPNE in its storage space.
A PNE-CPNS authentication process according to the hash-chain method is described as follows with reference to FIG. 8.
FIG. 8 is a flowchart illustrating an authentication between the PNE and the CPNS server through a PN GW according to an embodiment of the present invention.
Referring to FIG. 8, the PNE 10 stores the TKPNE, and the encrypted AK1 using KPW1, that is E_KPW1(AK1). The PN GW 20 stores the SNPNE, the TKPNE, [AKPNE], and count corresponding to the PNE 10. THE CPNS server 30 stores the SNPNE, the TKPNE, and SeedPNE corresponding to the PNE 10.
Referring to FIG. 8, the following operations may be performed in the authentication operation between the PNE 10 and the CPNS server 30 through the PN GW 20. In step 800, the PN GW 20 transmits a trigger message to the PNE 10 in order to enable the PNE 10 to transmit an authentication request message Authentication RequestPNE. In step 801, the PNE 10 transmits the authentication request message Authentication RequestPNE to the PN GW 20 for an authentication.
In step 802, the PN GW 20 performs a mutual authentication process with the CPNS server 30 by using a base technology (e.g., 3GPP GBA), and then configures a secure channel. In step 803, the PN GW 20 transmits the authentication request message Authentication RequestPNE to the CPNS server 30 through the secure channel.
In step 804, the CPNS server 30, having received the Authentication RequestPNE, generates a random number R and then generates a confirmation value(AN)(AN=H(R ∥ TKPNE)) corresponding to a value for an authentication from the CPNS server 30.
In step 805, the CPNS server 30 transmits the AN and the R to the PN GW 20 through the secure channel.
In step 806, the PN GW 20, having received the AN and the R, generates KPW1=H(SNPNE ∥ count). Next, the PN GW 20 increases the count by “1” and generates KPW2=H(SNPNE ∥ count). Further, the PN GW 20 calculates an E_TKPNE(KPW1) encrypted by using the TKPNE and an E_KPW2(AK2) encrypted by using the KPW2. The PN GW 20 having completed all processes changes the TKPNE into a THPNE’ = H(THPNE). An encryption key of the authentication value AKPNE is consistently changed at this time so that an attacker cannot know the encryption key of the AKPNE unless the attacker persistently hacks a session, even when the attacker obtains the TKPNE stored in the storage space of the PNE 10 in order to discover the KPW1 through hacking the communication session of the PNE 10 and the PN GW 20. In step 807, the PN GW 20 transmits the E_TKPNE(KPW1 ∥ E_KPW2(AK2) ∥ AN ∥ R) to the PNE 10. That is, the PN GW 20 transmits the encrypted KPW1, E_KPW2(AK2), AN and R by using the TKPNE.
In step 808, the PNE 10 decrypts KPW1, E_KPW2(AK2), AN and R using the TKPNE stored in its storage space. The PNE 10 identifies whether the AN is generated in a proper CPNS server 30 by using the TKPNE stored in its storage space and the transmitted R and then decrypts a transmitted value to the TKPNE to obtain the KPW1. Next, the PNE 10 decrypts the E_KPW1(AK1) using the KPW1 to obtain the AK1. The PNE 10 also encrypts the AK1 using the TKPNE to calculate the E_TKPNE(AK1). Subsequently, the PNE 10 deletes the E_KPW1(AK1) from its storage space, stores the E_KPW2 (AK2)transmitted from the PN GW 20, and replaces the TKPNE with a TKPNE’. In step 809, the PNE 10 transmits the E_TKPNE(AK1) to the PN GW 20.
In step 810, the PN GW 20 transmits the E_TKPNE(AK1) received from the PNE 10 and a value C generated by subtracting “1” from the count stored in its storage space to the CPNS server 30 through the secure channel. In step 811, the CPNS server 30 receives the C and the E_THPNE(AK1) from the PN GW 20 and then decrypts the E_THPNE(AK1) uging the TKPNE stored in its storage space to obtain the AK1. Next, the CPNS server 30 identifies whether the AK1 is the same as an Hn-c+1(SeedPNE) by using a SeedPNE stored in its storage space. When the identification is completed, the CPNS authenticates that the PNE 10 has transmitted a proper AK1. Next, the CPNS server 30 replaces the TKPNE with a TKPNE’. If the AK1 is different from the Hn-c+1(SeedPNE), the CPNS server 30 stops an authentication session.
In step 812, when the AK1 identification is completed, the CPNS server 30 transmits an authentication confirmation message “Confirmation Response”. The PN GW 20 transmits the Confirmation Response to the PNE 10.
In step 813, after all authentications are completed, the PNE 10 and the CPNS server 30 generate a common session key SK by using a key derivation function KEY_DERIVATION() as defined in the following equation:
SK = KEY_DERIVATION(AK1)
A password based authentication method using a PNE display according to an embodiment of the present invention is described as follows with reference to FIGs. 8-10. The password based method is divided into a device registration procedure and an authentication procedure, and all PNE hardware inherent address values (MAC) are registered in a server in advance to use the values in a device authentication. Further, according to the method, it is assumed that a method of displaying simple numbers or letters is supported in most appliance terminals.
An initial registration method of the PNE according to the password based authentication method is described as follows with reference to FIGs. 9A and 9B.
FIGs. 9A and 9B are flowcharts illustrating registration of the CPNS server 30, by the PNE 10, according to another embodiment of the present invention.
Referring to FIGs. 9A and 9B, the following operations may be performed in an initial registration process between the PNE 10 and the CPNS server 30. Instep 901, the user sets an ID “IDUSER” and a password “PWUSER” for a service authentication and subscribes a service through a web service. At this time, the user’s IDUSER and PWUSER are used for the user’s service authentication. Further, the user registers a physical address (MACPNE) of device(s), which the user desires to use in the CPNS server 30, in the CPNS server 30. When step 901 is performed, step 902 of FIG. 9B is not performed. Similarly, when step 902 is performed, step 901 is not performed. In step 902, the user can register the IDUSER and the PWUSER in the CPNS server 30 by using the PN GW 20 belonging to the user for a service authentication regardless of step 901. In step 903, the CPNS server 30 stores user’s input IDUSER, PWUSER, and MACUSER in a DB.
A PNE authentication process according to the password based authentication method is described as follows with reference to FIG. 10.
FIG. 10 is a flowchart illustrating an authentication between the PNE and the CPNS server through the PN GW according to another embodiment of the present invention.
Referring to FIG. 10, the following operations may be performed in an authentication operation between the PNE 10 and the CPNS server 30 through the PN GW 20.
In step 1001, for a PNE registration process, the PN GW 20 and the CPNS server 30 have sufficient storage spaces and configure a secure channel by using a base authentication technology (e.g., 3GPP GBA) after a mutual authentication process. Through this authentication process, a confidentiality of a traffic generated between the PN GW 20 and the CPNS server 30 is guaranteed.
In step 1002, the PNE 10 performs a pairing process with a PN GW 20, which becomes a GW of the PNE 10. In step 1003, the PNE 10 makes an authentication request from the PN GW 20. At this time, the user is an entity that first attempts the authentication request, so that the user may construct a specific function enabling the PNE 10 to make the authentication request or construct a user interface allowing the user to make the authentication request from the PN GW 20 itself.
In step 1004, in the authentication request, the PN GW 20 stores a physical address of the PNE 10 trying to make the authentication request. In step 1005, the PN GW 20 transmits an authentication request message Authentication Request to the CPNS server 30. At this time, the PN GW 20 also transmits the MACUSER of the PNE 10 making the authentication request. In step 1006, the CPNS server 30, having received the Authentication Request, searches for a corresponding MACUSER in its user DB, and generates a random number R to be used for an authentication session when an existing record is found. If there is no corresponding MACUSER in its DB, the CPNS rejects the authentication. In step 1007, the CPNS server 30 includes the R in the Authentication Response and transmits the Authentication Response.
In step 1008, the PN GW 20 stores the R included in the transmitted Authentication Response and generates a NONCE to be used for a PN generation. In step 1009, the PN GW 20 includes the R and the NONCE in the Authentication Response and transmits the Authentication Response to the PNE 10.
In step 1010, the PNE 10 generates a Personal Identification Number (PIN) through a set PIN generation function GEN_PIN() as defined in the following equation:
PIN = GEN_PIN (R, NONCE, MACUSER)
At this time, the GEN_PIN() should have one-way function. The PNE 10 also generates a Random PIN (RP). At this time, in a display of the PNE 10, a number is used or a number and a character string are mixedly used as an expressible character string. The PNE 10 expresses generated information in a form of PIN ∥ RP in the display and waits for a response.
In step 1011, the user inputs the PIN ∥ RP expressed in the display in the PN GW 20. The user directly inputs the expressed information in the PN GW 20 without passing through a channel configured between the PNE 10 and the PN GW 20, so that secure communication can be performed independent of a confidentiality of a channel between the PNE 10 and the PN GW 20. The PN GW 20 generates a PIN’ as shown in the following equation and attempts verification:
PIN’ = GEN_PIN(R, NONCE, MACUSER)
At this time, if a PIN verification fails, an authentication session is stopped. A load generated in the server authentication may be reduced through first blocking an incorrect authentication request by the PN GW 20.
However, in step 1012, when the PIN information is correct, the PN GW 20 additionally receives an input of the IDUSER/PWUSER from the user. Further, a server authentication value W for the server authentication of the PNE 10 is generated by using the input PWUSER as defined in the following equation:
W = H(H(PWUSER) ∥ R ∥ NONCE ∥ PIN ∥ RP)
In step 1013, the PN GW 20 transmits a confirmation request message Confirmation Request to the CPNS server 30. At this time, the IDUSER, the W, the NONCE, and the RP are included in the message.
In step 1014, the CPNS server 30 calculates a PIN’ and a W’ as shown in the following equations and inspects an effectiveness of the user and the PNE 10: PIN’ = GEN_PIN(R, NONCE, MACUSER)
W’ = H(H(PWUSER) ∥ R ∥ NONCE ∥ PIN’ ∥ RP)
If the W and the W’ are different from each other, an authentication session is stopped.
In step 1015, the CPNS server 30 transmits the authentication confirmation message Confirmation Response. The PN GW 20 transfers the Confirmation Response to the PNE 10 and continuously performs a GW service.
In step 1016, after all authentications are completed, the PNE 10 and the CPNS server 30 generate a common session key SK by using a key derivation function KEY_DERIVATION() as defined in the following equation:
SK = KEY_DERIVATION(RP)
According to the PNE authentication method according to embodiments of the present invention, the CPNS server 30 can authenticate the PNE 10, which is a heterogeneous device, through the PN GW 20, which can securely communicate with the CPNS server 30, without a separate secure storage space in the PNE 10. Further, the PNE authentication method provides a scheme capable of effectively authenticating a device, which a user desires to authenticate but has no input apparatus and cannot directly communicate with the server.
As described above, according to the embodiments of the present invention, it is possible to perform an operation for authenticating the PNE 10.
While the present invention has been shown and described with reference to certain exemplary embodiments and drawings thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (15)

  1. A method of authenticating a Personal Network Entity (PNE), comprising:
    transmitting, by a Personal Network GateWay (PN GW) a PNE serial number (SNPNE) to a CPNS (Converged Personal Network Service) server;
    storing an authentication value chain of a PNE received from the CPNS server and an inherent assignment key (TKPNE) that is secret information of a corresponding PNE;
    encrypting a selected authentication value from among the authentication value chain with the inherent assignment key of the corresponding PNE;
    transmitting the encrypted authentication value to the corresponding PNE so that the encrypted authentication value is stored in the corresponding PNE; and
    performing an authentication procedure between the corresponding PNE and the CPNS server by using the encrypted authentication value stored in the corresponding PNE.
  2. The method as claimed in claim 1, wherein the PN GW generates an encryption key (KGS) by using the PNE serial number (SNPNE), encrypts the selected authentication value among the authentication value chain to the encryption key (KGS), and encrypts the encryption key (KGS) to the inherent assignment key (TKPNE) of the corresponding PNE.
  3. The method as claimed in claim 1, wherein the CPNS server receives the PNE serial number (SNPNE) through a web service, transmits the PNE serial number (SNPNE) to a manufacturer device managing server, and receives a confirmation of the PNE serial number (SNPNE), and the CPNS server receives the inherent assignment key (TKPNE), which is the secret information of the corresponding PNE, from the manufacturer device managing server and registers the inherent assignment key (TKPNE) together with the PNE serial number (SNPNE).
  4. The method as claimed in claim 1, wherein the CPNS server receives the PNE serial number (SNPNE) through the PN GW, transmits the PNE serial number (SNPNE) to a manufacturer device managing server, and receives a confirmation of the PNE serial number (SNPNE), and the CPNS server receives the inherent assignment key (TKPNE), which is the secret information of the corresponding PNE, from the manufacturer device managing server and registers the inherent assignment key (TKPNE) together with the PNE serial number (SNPNE).
  5. The method as claimed in claim 1, wherein, when the CPNS server receives the PNE serial number (SNPNE) from the PN GW, the CPNS server transmits the PNE serial number (SNPNE) to a manufacturer device managing server and receives a confirmation of the PNE serial number (SNPNE) from the manufacturer device managing server, and the CPNS server receives the inherent assignment key (TKPNE), which is the secret information of the corresponding PNE, from the manufacturer device managing server and registers the inherent assignment key (TKPNE) together with the PNE serial number (SNPNE).
  6. The method as claimed in one of claim 5, wherein performing the authentication procedure between the PNE and the CPNS server comprises:
    transmitting, by the PN GW, when the PNE requests an authentication, authentication request information to the CPNS server, and generating a random number R, generating a value AN, where AN=H(R ∥ TKPNE), by using a hash function H(), and then transmitting the AN and the R to the PN GW by the CPNS server;
    generating a KPW1=H(SNPNE ∥ count) (the count is initially set as “1”) by using the hash function (), increasing the count by 1 to generate a KPW2=H(SNPNE ∥ count), calculating an E_TKPNE (KPW1) encrypted to the inherent assignment key TKPNE and an E_KPW2(AK2) encrypted to a KPW2, and changing the TKPNE into a changed inherent assignment key TKPNE’, TKPNE’=H(TKPNE), by the PN GW having received the AN and the R;
    transmitting an E_TKPNE(KPW1 ∥ E_KPW2(AK2) ∥ AN ∥ R) to the PNE by the PN GW;
    identifying whether the AN is generated in a proper CPNS server by using the TKPNE stored in the PNE and the transmitted R, decrypting a transmitted value to the TKPNE to obtain the KPW1, decrypting the E_KPW1(AK1) to the KPW1 to obtain an AK1, encrypting the TKPNE to the AK1 to calculate an E_TKPNE(AK1), deleting the E_KPW1(AK1) from a storage space of the PNE, storing the E_KPW2(AK2) transmitted from the PN GW, and then replacing the TKPNE with the TKPNE’ by the PNE;
    transmitting, by the PNE, the E_TKPNE(AK1) to the PN GW;
    transmitting, by the PN GW, the E_TKPNE(AK1) received from the PNE and a second count C generated by subtracting 1 from the count stored in a storage space of the PN GW to the CPNS server;
    receiving, by the CPNS server, the E_TKPNE(AK1) and the C from the PN GW, decrypting the E_TKPNE(AK1) to the TKPNE stored in a storage space of the CPNS server to obtain the AK1, authenticating that the PNE of the CPNS server has transmitted a proper AK1, and replacing the TKPNE with the TKPNE;
    transmitting, by the CPNS server, an authentication confirmation message to the PN GW;
    transferring, by the PN GW, the authentication confirmation message to the PNE and completing an authentication procedure,
    where E_x(y) is an encryption function for encrypting y by using a key x, KPW1 is a first encryption key KPW2 is a second encryption key, AK1 is a first authentication key, and AK2 is a second authentication key.
  7. A method of authenticating a Personal Network Entity (PNE), comprising:
    storing, by a PN GW (Personal Network GateWay), when a PNE requests an authentication, a physical address (MACPNE) of the PNE and transferring the physical address (MACPNE) of the PNE together with the authentication request to a CPNS (Converged Personal Network Service) server;
    identifying, by the CPNS server, the physical address (MACPNE) of the PNE, generating a random number R to be used in an authentication session, and transmitting the R together with an authentication response;
    storing, by the PN GW, the R transmitted from the CPNS server, generating a NONCE to be used for a PIN generation, and transmitting the R and the NONCE together with the authentication response to the PNE;
    generating, by the PNE, a Personal Identification Number (PIN) through a preset PIN generation function, generating a Random Pin (RP), and displaying information on the generated PIN and RP;
    performing, by the PN GW upon receiving inputs of the PIN and the RP displayed in the PNE from a user, a verification of the PIN input through the PIN generation function;
    receiving, by the PN GW, when the verification of the PIN is completed, inputs of a user ID (IDUSER) and a user password (PWUSER) from the user, applying the user ID (IDUSER) and the user password (PWUSER) to a hash function H() to generate a value W required when the PNE requests an authentication from the CPNS server, transmitting the user ID (IDUSER), the W, the NONCE, and the RP to the CPNS server, and making an identification request;
    identifying, by the CPNS server, information for the identification request transmitted from the PN GW, identifying an effectiveness of the user and the PNE, and transmitting an authentication confirmation message to the PN GW; and
    transferring, by the PN GW, the authentication confirmation message to the PNE, and completing an authentication procedure.
  8. The method as claimed in claim 7, wherein the CPNS server registers the user ID (IDUSER) and the user password (PWUSER) from the user through a web service and also registers a physical address (MACPNE) of the CPNS.
  9. The method as claimed in claim 7, wherein the CPNS server registers the user ID (IDUSER) and the user password (PWUSER) from the user through the PN GW and also registers a physical address (MACPNE) of the CPNS.
  10. A Personal Network GateWay(PN GW) device for authenticating a Personal Network Entity (PNE), comprising:
    a communication unit for transmitting a PNE serial number (SNPNE) to a CPNS (Converged Personal Network Service) server;
    a memory for storing an authentication value chain of a PNE received from the CPNS server and an inherent assignment key (TKPNE) that is secret information of a corresponding PNE;
    a PN manager encrypting a selected authentication value from among the authentication value chain with the inherent assignment key of the corresponding PNE; and
    a short distance communication module for transmitting the encrypted authentication value to the corresponding PNE so that the encrypted authentication value is stored in the corresponding PNE;
    wherein the PN manager performs an authentication procedure between the corresponding PNE and the CPNS server by using the encrypted authentication value stored in the corresponding PNE.
  11. The PN GW device as claimed in claim 10, wherein the PN GW generates an encryption key (KGS) by using the PNE serial number (SNPNE), encrypts the selected authentication value among the authentication value chain to the encryption key (KGS), and encrypts the encryption key (KGS) to the inherent assignment key (TKPNE) of the corresponding PNE.
  12. The PN GW device as claimed in claim 10, wherein the CPNS server receives the PNE serial number (SNPNE) through a web service, transmits the PNE serial number (SNPNE) to a manufacturer device managing server, and receives a confirmation of the PNE serial number (SNPNE), and the CPNS server receives the inherent assignment key (TKPNE), which is the secret information of the corresponding PNE, from the manufacturer device managing server and registers the inherent assignment key (TKPNE) together with the PNE serial number (SNPNE).
  13. The PN GW device as claimed in claim 10, wherein the CPNS server receives the PNE serial number (SNPNE) through the PN GW, transmits the PNE serial number (SNPNE) to a manufacturer device managing server, and receives a confirmation of the PNE serial number (SNPNE), and the CPNS server receives the inherent assignment key (TKPNE), which is the secret information of the corresponding PNE, from the manufacturer device managing server and registers the inherent assignment key (TKPNE) together with the PNE serial number (SNPNE).
  14. The PN GW device as claimed in claim 10, wherein, when the CPNS server receives the PNE serial number (SNPNE) from the PN GW, the CPNS server transmits the PNE serial number (SNPNE) to a manufacturer device managing server and receives a confirmation of the PNE serial number (SNPNE) from the manufacturer device managing server, and the CPNS server receives the inherent assignment key (TKPNE), which is the secret information of the corresponding PNE, from the manufacturer device managing server and registers the inherent assignment key (TKPNE) together with the PNE serial number (SNPNE).
  15. The PN GW device as claimed in one of claim 14, wherein performing the authentication procedure between the PNE and the CPNS server comprises:
    transmitting, by the PN GW, when the PNE requests an authentication, authentication request information to the CPNS server, and generating a random number R, generating a value AN, where AN=H(R ∥ TKPNE), by using a hash function H(), and then transmitting the AN and the R to the PN GW by the CPNS server;
    generating a KPW1=H(SNPNE ∥ count) (the count is initially set as “1”) by using the hash function (), increasing the count by 1 to generate a KPW2=H(SNPNE ∥ count), calculating an E_TKPNE (KPW1) encrypted to the inherent assignment key TKPNE and an E_KPW2(AK2) encrypted to a KPW2, and changing the TKPNE into a changed inherent assignment key TKPNE’, TKPNE’=H(TKPNE), by the PN GW having received the AN and the R;
    transmitting an E_TKPNE(KPW1 ∥ E_KPW2(AK2) ∥ AN ∥ R) to the PNE by the PN GW;
    identifying whether the AN is generated in a proper CPNS server by using the TKPNE stored in the PNE and the transmitted R, decrypting a transmitted value to the TKPNE to obtain the KPW1, decrypting the E_KPW1(AK1) to the KPW1 to obtain an AK1, encrypting the TKPNE to the AK1 to calculate an E_TKPNE(AK1), deleting the E_KPW1(AK1) from a storage space of the PNE, storing the E_KPW2(AK2) transmitted from the PN GW, and then replacing the TKPNE with the TKPNE’ by the PNE;
    transmitting, by the PNE, the E_TKPNE(AK1) to the PN GW;
    transmitting, by the PN GW, the E_TKPNE(AK1) received from the PNE and a second count C generated by subtracting 1 from the count stored in a storage space of the PN GW to the CPNS server;
    receiving, by the CPNS server, the E_TKPNE(AK1) and the C from the PN GW, decrypting the E_TKPNE(AK1) to the TKPNE stored in a storage space of the CPNS server to obtain the AK1, authenticating that the PNE of the CPNS server has transmitted a proper AK1, and replacing the TKPNE with the TKPNE;
    transmitting, by the CPNS server, an authentication confirmation message to the PN GW;
    transferring, by the PN GW, the authentication confirmation message to the PNE and completing an authentication procedure,
    where E_x(y) is an encryption function for encrypting y by using a key x, KPW1 is a first encryption key KPW2 is a second encryption key, AK1 is a first authentication key, and AK2 is a second authentication key.
PCT/KR2012/000173 2011-01-06 2012-01-06 Method and device for authenticating personal network entity WO2012093900A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020110001224A KR101765917B1 (en) 2011-01-06 2011-01-06 Method for authenticating personal network entity
KR10-2011-0001224 2011-01-06

Publications (2)

Publication Number Publication Date
WO2012093900A2 true WO2012093900A2 (en) 2012-07-12
WO2012093900A3 WO2012093900A3 (en) 2012-12-06

Family

ID=46456144

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2012/000173 WO2012093900A2 (en) 2011-01-06 2012-01-06 Method and device for authenticating personal network entity

Country Status (3)

Country Link
US (1) US8819415B2 (en)
KR (1) KR101765917B1 (en)
WO (1) WO2012093900A2 (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8966252B2 (en) * 2007-03-13 2015-02-24 Board Of Trustees Of Michigan State University Private entity authentication for pervasive computing environments
US9531704B2 (en) 2013-06-25 2016-12-27 Google Inc. Efficient network layer for IPv6 protocol
US9191209B2 (en) 2013-06-25 2015-11-17 Google Inc. Efficient communication for devices of a home network
US9054800B2 (en) 2013-09-11 2015-06-09 Symbol Technologies, Llc Staging a mobile device with visible light communication
CN105721153B (en) * 2014-09-05 2020-03-27 三星Sds株式会社 Key exchange system and method based on authentication information
US20170063853A1 (en) * 2015-07-10 2017-03-02 Infineon Technologies Ag Data cipher and decipher based on device and data authentication
US9769157B2 (en) * 2015-09-21 2017-09-19 American Express Travel Related Services Company, Inc. Systems and methods for secure one-time password validation
FR3045248A1 (en) * 2015-12-15 2017-06-16 Orange CONTROL OF ACCESS TO ONLINE SERVICE VIA A LI-FI NETWORK
CN110166234A (en) * 2019-05-21 2019-08-23 阿里巴巴集团控股有限公司 A kind of creation of business cipher key and business datum encryption method, apparatus and system
CN116155633B (en) * 2023-04-23 2023-06-27 农数源(成都)科技有限公司 Sensor external data security protection and bidirectional authentication method, system and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040064699A1 (en) * 2002-09-16 2004-04-01 Hooker John Kenneth Authentication apparatus and method for universal appliance communication controller
US20060129812A1 (en) * 2003-07-07 2006-06-15 Mody Sachin S Authentication for admitting parties into a network
US20070136587A1 (en) * 2005-12-08 2007-06-14 Freescale Semiconductor, Inc. Method for device authentication
US20100235900A1 (en) * 2009-03-13 2010-09-16 Assa Abloy Ab Efficient two-factor authentication

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007193579A (en) * 2006-01-19 2007-08-02 Tokyo Electron Ltd Substrate-processing device, license-managing program, license information-providing device, license information-providing program, license-managing system, and recording medium
KR101438343B1 (en) * 2010-09-28 2014-09-05 엘지전자 주식회사 Method of assigning a user key in a convergence network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040064699A1 (en) * 2002-09-16 2004-04-01 Hooker John Kenneth Authentication apparatus and method for universal appliance communication controller
US20060129812A1 (en) * 2003-07-07 2006-06-15 Mody Sachin S Authentication for admitting parties into a network
US20070136587A1 (en) * 2005-12-08 2007-06-14 Freescale Semiconductor, Inc. Method for device authentication
US20100235900A1 (en) * 2009-03-13 2010-09-16 Assa Abloy Ab Efficient two-factor authentication

Also Published As

Publication number Publication date
KR20120079892A (en) 2012-07-16
KR101765917B1 (en) 2017-08-24
US8819415B2 (en) 2014-08-26
WO2012093900A3 (en) 2012-12-06
US20120179906A1 (en) 2012-07-12

Similar Documents

Publication Publication Date Title
WO2012093900A2 (en) Method and device for authenticating personal network entity
WO2021095998A1 (en) A trusted computing method and system
WO2016137304A1 (en) Trust-zone-based end-to-end security
US7340612B1 (en) Method for device registration in a wireless home network
WO2019132272A1 (en) Id as blockchain based service
WO2011081242A1 (en) Key authentication method for binary cdma
WO2015065063A1 (en) Method and apparatus to identity verification using asymmetric keys in wireless direct communication network
WO2011081311A2 (en) Method and system for supporting security in a mobile communication system
WO2013025085A2 (en) Apparatus and method for supporting family cloud in cloud computing system
CN102857912A (en) Method for secure channelization by using internal key center (IKC)
WO2012044072A2 (en) Method of assigning a user key in a convergence network
WO2012096496A2 (en) Method and apparatus for encrypting short data in a wireless communication system
WO2012099330A2 (en) System and method for issuing an authentication key for authenticating a user in a cpns environment
WO2019132270A1 (en) Secure communication method in nfv environment and system therefor
EP3883279A1 (en) Communication method and related product
WO2019182377A1 (en) Method, electronic device, and computer-readable recording medium for generating address information used for transaction of blockchain-based cryptocurrency
WO2014088318A1 (en) Method and apparatus for allocating an internet protocol address to a client device
WO2015178597A1 (en) System and method for updating secret key using puf
WO2017209467A1 (en) Method and apparatus for providing p2p data security service in iot environment
Maccari et al. Security analysis of IEEE 802.16
WO2012165716A1 (en) Authentication agent apparatus, and method and system for authenticating online service
KR20050116821A (en) Wlan session management techniques with secure rekeying and logoff
WO2020067734A1 (en) Non-address network equipment and communication security system using same
WO2012165901A2 (en) Method for inter-terminal security channelization
WO2022245109A1 (en) Method and device for performing uwb secure ranging

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12732015

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12732015

Country of ref document: EP

Kind code of ref document: A2