System and method for authentication seed distribution
    3.
    Granted patent
    System and method for authentication seed distribution (in force)

    Publication No.: US07502467B2

    Publication date: 2009-03-10

    Application No.: US11265510

    Filing date: 2005-11-02

    IPC classification: H04L9/00 H04L9/32

    Abstract: In one embodiment of a user authentication system and method according to the invention, a device shares a secret, referred to as a master seed, with a server. The device and the server both derive one or more secrets, referred to as verifier seeds, from the master seed, using a key derivation function. The server shares a verifier seed with one or more verifiers. The device, or an entity using the device, can authenticate with one of the verifiers using the appropriate verifier seed. In this way, the device and the verifier can share a secret, the verifier seed for that verifier, without that verifier knowing the master seed, or any other verifier seeds. Thus, the device need only store the one master seed, have access to the information necessary to correctly derive the appropriate seed, and have seed derivation capability. A verifier cannot compromise the master seed, because the verifier does not have access to the master seed.

    Tokencode exchanges for peripheral authentication
    4.
    Granted patent
    Tokencode exchanges for peripheral authentication (in force)

    Publication No.: US08607045B2

    Publication date: 2013-12-10

    Application No.: US11530655

    Filing date: 2006-09-11

    IPC classification: G06F21/00

    Abstract: In a system comprising a transient storage device (TSD) or other type of peripheral configured for communication with a host device, a first one-time password or other type of code is generated in the peripheral and transmitted to the host device. The first code is presented by the host device to an authentication server for authentication. The host device receives a second one-time password or other type of code from the authentication server and transmits it to the peripheral for authentication.

    Authentication methods and apparatus using pairing protocols and other techniques
    5.
    Granted patent
    Authentication methods and apparatus using pairing protocols and other techniques (in force)

    Publication No.: US08495372B2

    Publication date: 2013-07-23

    Application No.: US11939232

    Filing date: 2007-11-13

    IPC classification: H04L9/32 H04L9/00

    Abstract: In one aspect, a first processing device, which may be an authentication token, establishes a shared key through a pairing protocol carried out between the first processing device and a second processing device. The pairing protocol also involves communication between the second processing device and an authentication server. As part of the pairing protocol, the first processing device sends identifying information to the second processing device, and the second processing device utilizes the identifying information to obtain the shared key from the authentication server. The first processing device encrypts authentication information utilizing the shared key, and transmits the encrypted authentication information from the first processing device to the second processing device. The second processing device utilizes the shared key to decrypt the encrypted authentication information.

    Wireless authentication methods and apparatus
    6.
    Granted patent
    Wireless authentication methods and apparatus (in force)

    Publication No.: US09137012B2

    Publication date: 2015-09-15

    Application No.: US11671264

    Filing date: 2007-02-05

    Abstract: A first processing device, which may be, for example, a wireless authentication token or an RFID tag, transmits information in a wireless network in a manner that emulates standard communications of an access point of the wireless network, although the first processing device is not configured to operate as an actual access point of the wireless network. A second processing device, which may be, for example, a computer or other station of the wireless network, receives the transmitted information and is able to determine therefrom that the information originates from an emulated access point rather than an actual access point. The second processing device responds to this condition by utilizing the transmitted information in a manner distinct from its utilization of similar information received from the actual access point of the wireless network.

    User authentication based on voucher codes
    7.
    Granted patent
    User authentication based on voucher codes (in force)

    Publication No.: US08438617B2

    Publication date: 2013-05-07

    Application No.: US11926784

    Filing date: 2007-10-29

    CPC classification: G06F21/31

    Abstract: An authentication server authenticates a first user, and generates a voucher code that is provided to the authenticated first user. The first user may provide the voucher code to a second user, responsive to a request by the second user for the first user to vouch for the second user, to thereby allow the second user to be authenticated. The authentication server receives the voucher code from the second user, and authenticates the second user based on the voucher code. The authenticated second user may be provided with a temporary password or other type of code utilizable for at least one additional authentication.

    User Authentication Based on Voucher Codes
    8.
    Patent application
    User Authentication Based on Voucher Codes (in force)

    Publication No.: US20090113530A1

    Publication date: 2009-04-30

    Application No.: US11926784

    Filing date: 2007-10-29

    IPC classification: H04L9/32 G06F17/00

    CPC classification: G06F21/31

    Abstract: An authentication server authenticates a first user, and generates a voucher code that is provided to the authenticated first user. The first user may provide the voucher code to a second user, responsive to a request by the second user for the first user to vouch for the second user, to thereby allow the second user to be authenticated. The authentication server receives the voucher code from the second user, and authenticates the second user based on the voucher code. The authenticated second user may be provided with a temporary password or other type of code utilizable for at least one additional authentication.

    Ordering inputs for order dependent processing
    9.
    Granted patent
    Ordering inputs for order dependent processing (in force)

    Publication No.: US08631475B1

    Publication date: 2014-01-14

    Application No.: US13332936

    Filing date: 2011-12-21

    IPC classification: H04L29/06

    CPC classification: H04L63/0838 H04L63/12

    Abstract: A method is used in ordering inputs for order dependent processing. Ordered inputs are derived from original inputs. The ordered inputs have an order based on values of the original inputs. Order dependent processing logic is applied to the ordered inputs, to produce a result that is derived from the original inputs.

    Generating authentication codes associated with devices
    10.
    Granted patent
    Generating authentication codes associated with devices (in force)

    Publication No.: US09467293B1

    Publication date: 2016-10-11

    Application No.: US12975474

    Filing date: 2010-12-22

    IPC classification: G06F17/30 H04L9/32 G06Q20/38

    Abstract: A method and system for use in generating authentication codes associated with devices is disclosed. In at least one embodiment, the method and system may generate a secret value that depends on event state data that specifies an operating condition of a device, and may generate a series of authentication codes that depends on the secret value and a series of dynamic values.
