-
公开(公告)号:US08381062B1
公开(公告)日:2013-02-19
申请号:US12115145
申请日:2008-05-05
IPC分类号: G06F11/00
CPC分类号: G06F21/602 , G06F11/10 , G06F21/64 , H04L9/3221 , H04L63/123 , H04L63/126
摘要: A proof of retrievability (POR) mechanism is applicable to a file for providing assurances of file possession to a requesting client by transmitting only a portion of the entire file. The client compares or examines validation values returned from predetermined validation segments of the file with previously computed validation attributes for assessing the existence of the file. Since the archive server does not have access to the validation function prior to the request, or challenge, from the client, the archive server cannot anticipate the validation values expected from the validation function. Further, since the validation segments from which the validation attributes, and hence the validation values were derived, are also unknown to the server, the server cannot anticipate which portions of the file will be employed for validation.
摘要翻译: 可检索性(POR)机制的证明适用于通过传送整个文件的一部分来向请求客户端提供文件拥有保证的文件。 客户端比较或检查从文件的预定验证段返回的验证值与先前计算的验证属性,以评估文件的存在。 由于存档服务器在请求之前无法访问验证函数,或者从客户端询问,归档服务器无法预期验证函数预期的验证值。 此外,由于从其导出验证属性以及因此导出验证值的验证段对于服务器而言也是未知的,所以服务器不能预期该文件的哪些部分将用于验证。
-
公开(公告)号:US07725730B2
公开(公告)日:2010-05-25
申请号:US10216030
申请日:2002-08-09
申请人: Ari Juels , Burton S. Kaliski, Jr.
发明人: Ari Juels , Burton S. Kaliski, Jr.
CPC分类号: H04L63/083 , H04L9/0844 , H04L9/3218 , H04L9/3226 , H04L63/1441 , H04L63/1458 , H04L2209/04 , H04L2209/42 , H04L2209/80 , H04L2209/805 , H04W12/06 , H04W12/12
摘要: Secure authentication protocols, particularly well-suited for use in authenticating mobile communications devices having limited computational resources, are disclosed. In an illustrative embodiment, a network-based communication system includes a client device and at least two servers. First and second shares are generated from a first password associated with the client device, and stored in respective first and second servers. The client device submits additional information associated therewith to at least one of the first and second servers. Each of the first and second shares has the property that it is infeasible to determine solely therefrom correspondence of the additional information with the first password. The first and second servers then utilize the respective first and second shares to collectively determine said correspondence of the additional information with the first password.
摘要翻译: 公开了特别适合于认证具有有限计算资源的移动通信设备的安全认证协议。 在说明性实施例中,基于网络的通信系统包括客户端设备和至少两个服务器。 从与客户端设备相关联的第一密码生成第一和第二共享,并存储在相应的第一和第二服务器中。 客户端设备将与其相关联的附加信息提交给第一和第二服务器中的至少一个。 第一和第二股份中的每一个都具有不可能仅从其确定附加信息与第一密码的对应关系的属性。 然后,第一和第二服务器利用相应的第一和第二份共同确定附加信息与第一密码的所述对应关系。
-
公开(公告)号:US09137012B2
公开(公告)日:2015-09-15
申请号:US11671264
申请日:2007-02-05
CPC分类号: H04L9/0861 , H04L9/3228 , H04L9/3234 , H04L63/0492 , H04L63/08 , H04L63/0838 , H04L2209/805 , H04W12/06
摘要: A first processing device, which may be, for example, a wireless authentication token or an RFID tag, transmits information in a wireless network in a manner that emulates standard communications of an access point of the wireless network, although the first processing device is not configured to operate as an actual access point of the wireless network. A second processing device, which may be, for example, a computer or other station of the wireless network, receives the transmitted information and is able to determine therefrom that the information originates from an emulated access point rather than an actual access point. The second processing device responds to this condition by utilizing the transmitted information in a manner distinct from its utilization of similar information received from the actual access point of the wireless network.
摘要翻译: 可以是例如无线认证令牌或RFID标签的第一处理设备以模拟无线网络的接入点的标准通信的方式在无线网络中发送信息,尽管第一处理设备不是 被配置为作为无线网络的实际接入点进行操作。 可以是例如无线网络的计算机或其他站的第二处理设备接收所发送的信息,并且能够从其确定信息源自仿真接入点而不是实际接入点。 第二处理装置以与从无线网络的实际接入点接收到的类似信息不同的方式利用所发送的信息来响应该条件。
-
公开(公告)号:US07502933B2
公开(公告)日:2009-03-10
申请号:US10724034
申请日:2003-11-26
IPC分类号: H04L9/00
CPC分类号: G07F7/1008 , G06Q20/341 , G06Q20/40975 , H04L9/3226 , H04L2209/60 , H04L2209/80
摘要: A method and system for generating an authentication code that depends at least in part on a dynamic value that changes over time, an event state associated with the occurrence of an event, and a secret associated with an authentication device. By generating the authentication code responsive to an event state, an identity authentication code can be used to verify identity and to communicate event state information, and to do so in a secure manner.
摘要翻译: 一种用于生成认证码的方法和系统,所述认证码至少部分取决于随时间变化的动态值,与事件发生相关联的事件状态以及与认证设备相关联的秘密。 通过响应于事件状态生成认证码,可以使用身份认证码来验证身份并传达事件状态信息,并以安全的方式进行。
-
公开(公告)号:US09280871B2
公开(公告)日:2016-03-08
申请号:US11774857
申请日:2007-07-09
IPC分类号: G07F17/32
CPC分类号: G07F17/3251 , G07F17/32
摘要: Techniques for providing authentication functionality in a gaming system are disclosed. In one aspect, a gaming system is configured such that, at a given point during a current session of a game in progress that involves at least one user previously granted access by the system to participate in the current session, information available from an authentication token associated with the user is obtained prior to allowing the user to take a particular action in the game. A determination is made as to whether or not the user will be allowed to take the particular action in the game, based on the obtained information. The obtained information may comprise, for example, at least a portion of a one-time password generated by a hardware or software authentication token.
摘要翻译: 公开了一种用于在游戏系统中提供认证功能的技术。 在一个方面,游戏系统被配置为使得在正在进行的游戏的当前会话期间的给定点处涉及至少一个用户先前被系统授权参与当前会话的访问,来自认证令牌的信息 在允许用户在游戏中采取特定动作之前获得与用户相关联。 根据所获得的信息确定用户是否将被允许在游戏中采取特定动作。 获得的信息可以包括例如由硬件或软件认证令牌生成的一次性密码的至少一部分。
-
6.发明授权Authentication methods and apparatus using pairing protocols and other techniques 有权使用配对协议和其他技术的认证方法和设备公开(公告)号:US08495372B2
公开(公告)日:2013-07-23
申请号:US11939232
申请日:2007-11-13
CPC分类号: H04L9/0861 , H04L9/3228 , H04L9/3234 , H04L63/0492 , H04L63/08 , H04L63/0838 , H04L2209/805 , H04W12/06
摘要: In one aspect, a first processing device, which may be an authentication token, establishes a shared key through a pairing protocol carried out between the first processing device and a second processing device. The pairing protocol also involves communication between the second processing device and an authentication server. As part of the pairing protocol, the first processing device sends identifying information to the second processing device, and the second processing device utilizes the identifying information to obtain the shared key from the authentication server. The first processing device encrypts authentication information utilizing the shared key, and transmits the encrypted authentication information from the first processing device to the second processing device. The second processing device utilizes the shared key to decrypt the encrypted authentication information.
摘要翻译: 一方面,可以是认证令牌的第一处理设备通过在第一处理设备和第二处理设备之间执行的配对协议来建立共享密钥。 配对协议还涉及第二处理设备和认证服务器之间的通信。 作为配对协议的一部分,第一处理设备向第二处理设备发送识别信息,并且第二处理设备利用识别信息从认证服务器获得共享密钥。 第一处理装置利用共享密钥加密认证信息,并将加密的认证信息从第一处理装置发送到第二处理装置。 第二处理装置利用共享密钥对加密的认证信息进行解密。
-
7.发明授权公开(公告)号:US07363494B2
公开(公告)日:2008-04-22
申请号:US10010769
申请日:2001-12-04
CPC分类号: G06Q20/32 , G06Q20/385 , G06Q20/40 , H04L9/3226 , H04L9/3297 , H04L2209/56 , H04L2209/80
摘要: A time-based method for generating an authentication code associated with an entity uses an authentication code generated from a secret, a dynamic, time-varying variable, and the number of previous authentication code generations within the particular time interval. Other information such as a personal identification number (PIN) and a verifier identifier can also be combined into the authentication code.
摘要翻译: 用于生成与实体相关联的认证码的基于时间的方法使用从秘密,动态,时变变量和特定时间间隔内的先前认证码生成次数生成的认证码。 诸如个人识别码(PIN)和验证者标识符的其他信息也可以组合成认证码。
-
公开(公告)号:US08607045B2
公开(公告)日:2013-12-10
申请号:US11530655
申请日:2006-09-11
IPC分类号: G06F21/00
CPC分类号: H04L9/0866 , H04L9/0897 , H04L9/3213 , H04L9/3228 , H04L2209/80
摘要: In a system comprising a transient storage device (TSD) or other type of peripheral configured for communication with a host device, a first one-time password or other type of code is generated in the peripheral and transmitted to the host device. The first code is presented by the host device to an authentication server for authentication. The host device receives a second one-time password or other type of code from the authentication server and transmits it to the peripheral for authentication.
摘要翻译: 在包括被配置为与主机设备进行通信的瞬时存储设备(TSD)或其他类型的外围设备的系统中,在外围设备中生成第一个一次性密码或其他类型的代码,并发送给主机设备。 第一个代码由主机设备提供给认证服务器进行认证。 主机设备从认证服务器接收第二个一次性密码或其他类型的代码,并将其发送到外围设备进行认证。
-
9.发明授权System and method for increasing the security of encrypted secrets and authentication 有权增加加密秘密和认证安全性的系统和方法公开(公告)号:US07716484B1
公开(公告)日:2010-05-11
申请号:US09802485
申请日:2001-03-09
IPC分类号: H04L9/00
CPC分类号: H04L9/3013 , H04L9/002 , H04L9/3226 , H04L9/3249 , H04L63/083 , H04L63/0838 , H04L63/0861 , H04L2209/50 , H04L2209/80 , H04W12/06
摘要: In general, in one aspect, the invention relates to a method for accessing encrypted data by a client. The method includes receiving from the client by a server client information derived from a first secret wherein the client information is derived such that the server can not feasibly determine the first secret. The method also includes providing to the client by the server intermediate data, which is derived responsive to the received client information, a server secret, and possibly other information. The intermediate data is derived such that the client cannot feasibly determine the server secret. The method also includes authenticating the client by a device that stores encrypted secrets and is configured not to provide the encrypted secrets without authentication. After the authenticating step, the method also includes providing the encrypted secrets to the client. The encrypted secrets 5 are capable of being decrypted using a third secret that is derived from the intermediate data.
摘要翻译: 通常,一方面,本发明涉及一种由客户机访问加密数据的方法。 该方法包括从服务器客户端接收从第一秘密导出的信息,其中导出客户端信息,使得服务器不能可行地确定第一秘密。 该方法还包括通过服务器向服务器提供响应于所接收的客户端信息导出服务器密码以及可能的其他信息的中间数据。 派生中间数据,使得客户端无法可行地确定服务器机密。 该方法还包括通过存储加密秘密的设备认证客户端,并且被配置为不提供加密的秘密而不进行认证。 在认证步骤之后,该方法还包括向客户端提供加密的秘密。 加密秘密5能够使用从中间数据导出的第三秘密进行解密。
-
公开(公告)号:US5854759A
公开(公告)日:1998-12-29
申请号:US851045
申请日:1997-05-05
IPC分类号: G06F7/72
摘要: Methods and apparatus for converting a value A representing in a first basis an element of a finite field GF(q.sup.m) to a value B representing the element in a second basis, where q is a prime number or power of a prime number and m is an integer greater than or equal to 2, and where the value B includes a vector of m coefficients from a finite field GF(q). An exemplary apparatus, particularly well-suited for exporting the value A in an internal basis representation to the value B in an external basis representation, includes an externally shifted sequence generator for generating from the value A a sequence of intermediate values representing in the first basis elements of the finite field GF(q.sup.m) whose representations in the second basis are related to the value B by a predetermined external shift operation. An extractor coupled to the externally shifted sequence generator receives and processes the sequence of intermediate values to generate each coefficient of the value B.
摘要翻译: 用于将以有限域GF(qm)的元素表示为第二基元的值B的值A表示的值A的方法和装置,其中q是素数的质数或幂数,m是 大于或等于2的整数,并且其中值B包括来自有限域GF(q)的m个系数的向量。 特别适合于在内部基础表示中以外部基础表示将值A输出到值B的示例性装置包括外部移位的序列生成器,用于从值A生成表示第一基础的中间值序列 通过预定的外部移位操作在第二基础中的表示与值B相关联的有限域GF(qm)的元素。 耦合到外部移位的序列发生器的提取器接收并处理中间值序列以产生值B的每个系数。
-
-
-
-
-
-
-
-
-
搜索结果
22 条记录 (耗时 0.019 秒)
