The invention relates to a method for authenticating communication participants, a first communication participant generating a command signal and generating a first code signal which is a function of at least the command signal and a first key value associated with the first communication participant, and a second communication participant generating a second code signal which is a function of at least the command signal and a second key value associated with the second communication participant, which first and second code signal are compared to each other, the first communication participant generating, in response to a first control signal, a subsequent first key value and the second communication participant generating, in response to a second control signal, a subsequent second key value.
A method of this type is disclosed in U.S. Pat. No. 4,688,250. This describes how a ground station (the first communication participant) and a satellite (the second communication participant, also called secondary communication participant) communicate with each other, the satellite only being allowed to execute commands originating from this one ground station and not being allowed to react to commands originating from other (hostile) ground stations. For this purpose, the ground station transmits, together with some command data (the command signal), a code word (the first code signal) which is a cryptographic function of the command data and a secret key (the first key value) which is stored in the ground station. The satellite subsequently generates, on the basis of the same command data and a secret key (the second key value) which is stored in the satellite, a code word (the second code signal), and compares this with the code word transmitted by the ground station. The two code words will be equal if and only if the two secret keys are identical. In the case of identical code words, the ground station has been authenticated sufficiently, and the command is executed by the satellite. In all other cases the command is ignored.
This does require changing the secret keys from time to time. In the abovementioned U.S. patent specification this is implemented by having the ground station transmit a key change command (the first and second control signal), in response to which both the ground station and the satellite generate new secret keys (the subsequent first key value and the subsequent second key value) which are a function of a change code word and a master key, both of which are stored in the ground station as well as in the satellite. Moreover, this change code word is changed regularly.
This known method has the drawback that the new secret keys to be generated are a function of the master key which is stored in the ground station as well as in the satellite and which has a fixed value during the entire satellite mission. As soon as the value of this master key has become known to outsiders, it becomes much easier for them to find out during the remainder of the satellite mission the new secret keys to be generated. Furthermore, this method, when applied in larger systems with considerably more secondary communication participants (such as ISDN networks with many NT's, and smart card systems), has the drawback that each secondary communication participant must have his own unique master key, and the method, when applied in many closely adjacent systems (each system comprising a first and a second communication participant, such as cordless telephone systems), has the drawback that each system should have its own unique master key, which makes additional demands on the production process.