| CPC H04L 9/321 (2013.01) [H04L 9/0869 (2013.01)] | 10 Claims |

|
1. A method for authenticating a device, comprising:
a) sending, from a user device, directly or indirectly, to a server, a data request;
b) retrieving, by or through the server, based on the data request, a predetermined encryption key;
c) generating, by or through the server, at least a random and a cryptogram using the encryption key and at least the random;
d) sending, from or through the server, directly or indirectly, to the or another user device, the cryptogram and at least the random, as a data request response;
e) extracting, by or through the user device, from the data request response, at least the random and storing, by or through the user device, at least in a temporary manner, at least the random, as a reference random;
f) sending, from or through the user device to at least the device, a request, as a cryptogram decryption request, for decrypting a cryptogram including or being accompanied with the cryptogram;
g) decrypting, by or through the device, the cryptogram using a predetermined decryption key and obtaining, by or through the device, at least a random;
h) sending, from or through the device to the user device, at least the random, as a cryptogram decryption request response;
i) verifying, by or through the user device, at least whether the received random does or does not match the reference random; and
j) authenticating, by or through the user device, only if the received random matches the reference random, the device.
|
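The exchange in steps a) to j), sketched as an added example that is not part of the patent text. Assumptions: the server and the device hold the same symmetric key, a SHA-256 counter-mode keystream stands in for the cipher the claim leaves unspecified, and the device id and all function names are hypothetical.

```python
import hashlib, hmac, secrets

# Constructed key store: the claim only says the key is "predetermined"; here the
# server and the device share one symmetric key under a hypothetical device id.
KEYS = {"device-01": bytes.fromhex("00112233445566778899aabbccddeeff")}

def _keystream(key, nonce, n):
    """Stand-in cipher (assumption): SHA-256 in counter mode, XORed with the data."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def encrypt(key, plaintext):
    nonce = secrets.token_bytes(12)  # fresh per cryptogram, sent as a prefix
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(a ^ b for a, b in zip(plaintext, ks))

def decrypt(key, cryptogram):
    nonce, body = cryptogram[:12], cryptogram[12:]
    ks = _keystream(key, nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, ks))

def server_respond(device_id):
    """Steps b)-d): retrieve the key, draw a random, return (cryptogram, random)."""
    key = KEYS[device_id]
    rnd = secrets.token_bytes(16)
    return encrypt(key, rnd), rnd

def device_decrypt(device_key, cryptogram):
    """Steps g)-h): the device decrypts and returns whatever it recovered."""
    return decrypt(device_key, cryptogram)

def user_device_authenticate(device_id, device_key):
    """Steps a), e), f), i), j), seen from the user device."""
    cryptogram, reference = server_respond(device_id)  # a)-e): keep reference random
    received = device_decrypt(device_key, cryptogram)  # f)-h): only the cryptogram is sent
    return hmac.compare_digest(received, reference)    # i)-j): authenticate on match only

if __name__ == "__main__":
    print("genuine device:", user_device_authenticate("device-01", KEYS["device-01"]))
    print("wrong key     :", user_device_authenticate("device-01", b"\x00" * 16))
```

Step d) carries the random next to the cryptogram, so the match in step i) shows key possession only when the device never sees that response; the user device forwards the cryptogram alone in step f).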