1. Technical Field
The present inventions relate to authentication and, more particularly, relate to authentication performed iteratively.
2. Description of the Related Art
Authentication is typically performed by means of a signature. Even in interactive protocols, a random nonce is signed as part of the authentication step. Current authentication mechanisms between devices are almost exclusively based on RSA (Rivest, Shamir, Adleman), DSA (Digital Signature Algorithm), or ECC (Elliptic Curve Cryptography). Specifications for all of these can be found in Bruce Schneier's book Applied Cryptography: Protocols, Algorithms, and Source Code in C.
OpenSSH (SSH meaning Secure SHell) has various security levels. No security is self-explanatory. Minimal security is password authentication. Medium security is public-key based (such as RSA or ECC). High security uses Kerberos, a scheme that combines a public key with a password; but there is no way of switching between these levels short of completely renegotiating the entire protocol.
A first problem inherent in existing schemes is that levels of authentication (and therefore trust) are fixed and non-interactive. The concept of different levels of authentication is known, but in existing systems, the only way to pass from one level of authentication to a higher level is to completely redo the entire authentication scheme from scratch, discarding any partial trust from an earlier authentication effort. This is wasteful of processing resources and suboptimal.
A second problem is that authentication, as it currently exists, is an all-or-nothing proposition, especially between devices. For many applications, it is important to get some level of trust quickly, but high trust can wait longer, as slow processors work to prove their authenticity over days or even weeks. This is applicable to different kinds of low-power devices. An example of this is RF neurons such as the neuRFon™ brand RF neurons under development by Motorola, Inc. of Schaumburg, Ill., USA.
A third problem is that current schemes for device authentication are essentially fixed at a certain level of authentication, that is, the level of trust. For many applications, however, the trust required of different devices is different—in an automobile, for example, it is much more important that the master cylinder be genuine than that the turn signal is genuine.
One of the many limitations of the current model is the lack of ability to scale between different levels of authentication. In many applications, a very high level of authentication is not needed for all nodes in a network. Similarly, a change in circumstances occasionally requires a change from a lower level of authentication to a higher level. In current implementations, this can only be accomplished by completely discarding the early authentication and starting afresh, wasting cycles and bandwidth.