CPC H04W 12/06 (2013.01) [H04W 12/041 (2021.01); H04W 12/71 (2021.01); H04W 12/72 (2021.01)]; 25 Claims
1. A method for authenticating by a network server a communication apparatus, the communication apparatus comprising a tamper resistant area adapted to memorize a first secret, the network server being configured to communicate with the communication apparatus through a wireless network and to read at least one data element memorized in a secure distributed ledger, wherein the distributed ledger is a database which is consensually replicated, shared, and synchronized geographically across multiple sites, countries, or institutions, the method comprising the steps of:
receiving from the communication apparatus a request message comprising a subscriber identifier;
providing, by consulting a database accessible by the network server, a device identifier associated to the received subscriber identifier allowing to identify the communication apparatus;
identifying in the secure distributed ledger, using the device identifier, a record published by a manufacturer of at least a portion of the communication apparatus, said record comprising a second secret attributed to the identified communication apparatus;
generating a challenge message comprising a random number RAND and sending it to the communication apparatus for it to generate a first result F_HWRES derived from the first secret and the random number RAND, wherein the first secret and the random number RAND are used as inputs;
receiving from the communication apparatus a response message comprising the first result F_HWRES, the communication apparatus being authenticated by the network server if the first result F_HWRES is equal to a second result S_HWRES derived by the network server from the second secret and the random number RAND, which demonstrates that the first secret is equal to the second secret.
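The exchange recited in claim 1, as an added example that is not taken from the patent. It assumes HMAC-SHA256 as the derivation function (the claim names none), in-memory dictionaries standing in for the subscriber database and the distributed ledger, and hypothetical identifiers and class names.

```python
import hashlib
import hmac
import secrets

# Constructed sample data (not from the patent); identifiers are hypothetical.
SUBSCRIBER_DB = {"imsi-001010000000001": "dev-A1"}  # subscriber id -> device id
LEDGER = {"dev-A1": {"publisher": "manufacturer-X",  # record published by manufacturer
                     "secret": bytes.fromhex("00112233445566778899aabbccddeeff")}}

def derive(secret: bytes, rand: bytes) -> bytes:
    """Assumed derivation: HMAC-SHA256 keyed with the secret over RAND."""
    return hmac.new(secret, rand, hashlib.sha256).digest()

class Device:
    """Communication apparatus; _first_secret stands in for the tamper resistant area."""
    def __init__(self, subscriber_id: str, first_secret: bytes):
        self.subscriber_id = subscriber_id
        self._first_secret = first_secret

    def respond(self, rand: bytes) -> bytes:
        return derive(self._first_secret, rand)  # F_HWRES

class NetworkServer:
    def __init__(self):
        self._pending = {}  # subscriber id -> (RAND, second secret)

    def handle_request(self, subscriber_id: str):
        device_id = SUBSCRIBER_DB.get(subscriber_id)
        record = LEDGER.get(device_id)
        if record is None:
            return None  # unknown subscriber, or no ledger record for the device
        rand = secrets.token_bytes(16)  # fresh RAND from a CSPRNG per request
        self._pending[subscriber_id] = (rand, record["secret"])
        return rand

    def handle_response(self, subscriber_id: str, f_hwres: bytes) -> bool:
        pending = self._pending.pop(subscriber_id, None)  # each RAND is single use
        if pending is None:
            return False
        rand, second_secret = pending
        s_hwres = derive(second_secret, rand)  # S_HWRES
        return hmac.compare_digest(f_hwres, s_hwres)  # constant-time comparison

def run_exchange(device: Device, server: NetworkServer) -> bool:
    rand = server.handle_request(device.subscriber_id)
    if rand is None:
        return False
    return server.handle_response(device.subscriber_id, device.respond(rand))
```

Popping the pending challenge before comparison means a captured F_HWRES cannot be replayed against the same RAND, and a failed attempt forces a new challenge.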