BAE Systems PLC
AUTHENTICATING AN ENTITY

Abstract:

A method of authenticating an entity comprises generating, at a one-time pad authenticator associated with a user, a first code corresponding to a first part of a first one-time pad stored on the one-time pad authenticator, the first point having a starting address within the first-one time pad. The method comprises transmitting, from a user device to the entity, a request for the entity to authenticate itself, the request comprising the starting address. In response to receiving the request, the method comprises generating, by the entity, a second code corresponding to the first part of a second one-time pad stored on the entity, wherein the first part of the second one-time pad is determined using the received starting address. The method further comprises transmitting the second code to the user device; and receiving, at the user device, the second code for comparison with the first code, wherein, if the first code is equal to the second code, the entity is authenticated. The present invention also provides an entity, a user device and a system for performing elements of the method.