公开(公告)号：US20140157389A1

公开(公告)日：2014-06-05

申请号：US14175115

申请日：2014-02-07

Applicant: eBay Inc.

Inventor： Upendra Mardikar ,  Kent Griffin ,  Allison Elizabeth Miller ,  Amol Patel

IPC: H04L29/06

CPC classification number: H04L63/0846 ,  H04L9/3228 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/0876 ,  H04L63/1466 ,  H04L63/1483 ,  H04L2209/80 ,  H04W12/06 ,  H04W12/12

Abstract: Embodiments of systems and methods for client and/or server authentication are provided. In one embodiment, a method includes sending information from a mobile network device to a server, wherein the information comprises a seed that is used by both the mobile network device and the server to compute a series of one time passwords. The method also includes receiving, by the mobile network device, a succession of one time passwords generated by the server throughout a session. And the method further includes comparing the received one time passwords generated by the server throughout the session to corresponding one time passwords generated at the mobile network device. In this manner, the server can be authenticated. In various embodiments, the process may be reversed to facilitate client, e.g., mobile network device, authentication

Abstract translation: 提供了用于客户机和/或服务器认证的系统和方法的实施例。 在一个实施例中，一种方法包括从移动网络设备向服务器发送信息，其中所述信息包括由移动网络设备和服务器两者使用以计算一系列一次密码的种子。 该方法还包括由移动网络设备在整个会话期间由服务器生成一连串的一次密码。 并且该方法还包括将由服务器在整个会话中生成的接收到的一次密码与在移动网络设备处生成的相应的一次密码进行比较。 以这种方式，可以认证服务器。 在各种实施例中，可以颠倒该过程以促进客户端，例如移动网络设备认证

公开(公告)号：US09197634B2

公开(公告)日：2015-11-24

申请号：US14175115

申请日：2014-02-07

Applicant: eBay Inc.

Inventor： Upendra Mardikar ,  Kent Griffin ,  Allison Elizabeth Miller ,  Amol Patel

IPC: G06F21/00 ,  H04L29/06 ,  H04W12/06 ,  H04W12/12 ,  H04L9/32

CPC classification number: H04L63/0846 ,  H04L9/3228 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/0876 ,  H04L63/1466 ,  H04L63/1483 ,  H04L2209/80 ,  H04W12/06 ,  H04W12/12

Abstract: Embodiments of systems and methods for client and/or server authentication are provided. In one embodiment, a method includes sending information from a mobile network device to a server, wherein the information comprises a seed that is used by both the mobile network device and the server to compute a series of one time passwords. The method also includes receiving, by the mobile network device, a succession of one time passwords generated by the server throughout a session. And the method further includes comparing the received one time passwords generated by the server throughout the session to corresponding one time passwords generated at the mobile network device. In this manner, the server can be authenticated. In various embodiments, the process may be reversed to facilitate client authentication, e.g., mobile network device authentication.

Abstract translation: 提供了用于客户机和/或服务器认证的系统和方法的实施例。 在一个实施例中，一种方法包括从移动网络设备向服务器发送信息，其中所述信息包括由移动网络设备和服务器两者使用以计算一系列一次密码的种子。 该方法还包括由移动网络设备在整个会话期间由服务器生成一连串的一次密码。 并且该方法还包括将由服务器在整个会话中生成的接收到的一次密码与在移动网络设备处生成的相应的一次密码进行比较。 以这种方式，可以认证服务器。 在各种实施例中，可以颠倒该过程以促进客户端认证，例如移动网络设备认证。