CPC: H04L 63/0823 (2013.01) [H04L 63/029 (2013.01); H04L 63/0428 (2013.01); H04L 63/06 (2013.01); H04L 63/0869 (2013.01); H04L 63/12 (2013.01); H04L 63/166 (2013.01); H04L 9/0841 (2013.01)]. 11 Claims.
1. A method of certificate authenticating comprising:
generating a nonce at a server operating independently of a first device and a second device, the nonce being previously unknown to the first and second devices;
encrypting the nonce at the server using a private key associated with the first device;
transmitting a first message from the server to the first device in response to the server receiving an authentication request from the first device, the first message including the nonce as encrypted by the server using the private key associated with the first device;
processing at the server a second message received from the first device in response to the first message, the second message including a certificate associated with the first device and the nonce as decrypted by the first device;
transmitting a token from the server to the first device when the certificate is verified, the token being sufficient for authenticating the first device to the second device; and
using a public key of the first device at the server to decrypt an encrypted portion of the second message in order to recover the certificate and the nonce therefrom, the first device encrypting the certificate and the nonce within the encrypted portion using the private key.
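The exchange that claim 1 describes, as an added simulation that is not the patent's or any product's code. Textbook RSA with toy parameters stands in for the "private key associated with the first device" (the claim has both the server and the first device hold it, and the server recovers the second message with the matching public key); how the device decrypts the first message, how the server "verifies" the certificate, the token format, and how the second device checks the token are all assumptions chosen for illustration. The server deletes a nonce once it has been used, so a replayed second message is rejected.

```python
"""Toy simulation of the nonce/certificate exchange of claim 1 (added example)."""
import hashlib
import secrets

# Textbook RSA with tiny parameters: illustration only. Real systems use
# padded, full-size keys; per-block exponentiation of raw bytes is not secure.
P, Q = 61, 53
N = P * Q                              # modulus 3233; every block must be < N
E = 17                                 # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (2753)


def with_private_key(blocks):
    """'Encrypt with the private key' (claim steps 2 and 8): b^D mod N per block."""
    return [pow(b, D, N) for b in blocks]


def with_public_key(blocks):
    """'Decrypt with the public key' (claim step 8): b^E mod N, inverse of the above."""
    return [pow(b, E, N) for b in blocks]


# Constructed registry standing in for the server's certificate verification
# (assumption: a real server would validate the certificate's chain and signature).
REGISTERED_CERTS = {"dev-1": b"CERT:dev-1:serial-0001"}


class Server:
    def __init__(self):
        self.pending = {}   # device id -> nonce awaiting the second message
        self.tokens = {}    # issued token -> device id it authenticates

    def first_message(self, device_id, nonce=None):
        """Claim steps 1-3: fresh nonce, encrypted with the device's private key."""
        nonce = secrets.randbelow(N) if nonce is None else nonce
        self.pending[device_id] = nonce
        return {"enc_nonce": with_private_key([nonce])}

    def handle_second_message(self, device_id, msg):
        """Claim steps 4, 5 and 8: recover cert + nonce, verify, issue a token."""
        blocks = with_public_key(msg["encrypted_portion"])
        cert, nonce = bytes(blocks[:-1]), blocks[-1]      # nonce is the last block
        expected = self.pending.pop(device_id, None)       # single use: blocks replay
        if expected is None or nonce != expected:
            return None
        if cert != REGISTERED_CERTS.get(device_id):
            return None
        token = hashlib.sha256(
            device_id.encode() + b":" + str(nonce).encode() + secrets.token_bytes(16)
        ).hexdigest()
        self.tokens[token] = device_id
        return token

    def token_owner(self, token):
        return self.tokens.get(token)


class FirstDevice:
    def __init__(self, device_id, cert):
        self.device_id, self.cert = device_id, cert

    def second_message(self, first_msg):
        # Assumption: the device undoes the server's private-key operation with the
        # matching public exponent, then wraps cert + nonce with the private key.
        nonce = with_public_key(first_msg["enc_nonce"])[0]
        return {"encrypted_portion": with_private_key(list(self.cert) + [nonce])}


class SecondDevice:
    def __init__(self, server):
        self.server = server

    def accepts(self, token, claimed_id):
        # Assumption: the second device checks the token back with the server.
        return self.server.token_owner(token) == claimed_id


def run_exchange(cert=REGISTERED_CERTS["dev-1"], nonce=None):
    """Run the full exchange; returns (server, token) with token None on rejection."""
    server, dev = Server(), FirstDevice("dev-1", cert)
    m1 = server.first_message("dev-1", nonce)
    m2 = dev.second_message(m1)
    return server, server.handle_second_message("dev-1", m2)


if __name__ == "__main__":
    srv, tok = run_exchange()
    print("token issued:", tok is not None,
          "| second device accepts:", SecondDevice(srv).accepts(tok, "dev-1"))
```

`run_exchange()` with the registered certificate yields a token that the second device accepts; a forged certificate or a re-sent second message yields no token, which is the property the nonce exists to provide.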