4. Electrical computers and digital processing systems: support
  5. System access control based on user identification by...

Secure seed provisioning

Electrical computers and digital processing systems: support – System access control based on user identification by...

Reexamination Certificate

Rate now
  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C380S262000, C380S044000, C713S172000, C713S159000, C726S006000, C726S007000, C726S009000, C726S020000

Reexamination Certificate

active

08060750

ABSTRACT:
A technique is utilized in the configuration and seeding of security tokens at third party facilities, particularly at facilities of a configuration agent, such that a token can be configured without the configuration agent having security-defeating knowledge about the token. Such a technique allows a third party to provision a token with a seed, but in such a way that the third party will not know, or be able to construct, the seed after the seed provisioning process is complete. The seed may include, by way of example, a symmetric key or other secret shared by two or more entities. In some arrangements, a method is used for secure seed provisioning. Data is derived from inherent randomness in a token or other authentication device. Based on the data, the token or other authentication device is provisioned with a seed.

REFERENCES:
patent: 4424414 (1984-01-01), Hellman et al.
patent: 4567600 (1986-01-01), Massey et al.
patent: 4606042 (1986-08-01), Kahn et al.
patent: 4720860 (1988-01-01), Weiss
patent: 4759063 (1988-07-01), Chaum
patent: 4856062 (1989-08-01), Weiss
patent: 4885778 (1989-12-01), Weiss
patent: 4947430 (1990-08-01), Chaum
patent: 4998279 (1991-03-01), Weiss
patent: 5023908 (1991-06-01), Weiss
patent: 5058161 (1991-10-01), Weiss
patent: 5097505 (1992-03-01), Weiss
patent: 5168520 (1992-12-01), Weiss
patent: 5201000 (1993-04-01), Matyas et al.
patent: 5222140 (1993-06-01), Beller et al.
patent: 5237614 (1993-08-01), Weiss
patent: 5241599 (1993-08-01), Bellovin et al.
patent: 5253295 (1993-10-01), Saada et al.
patent: 5351298 (1994-09-01), Smith
patent: 5361062 (1994-11-01), Weiss et al.
patent: 5367572 (1994-11-01), Weiss
patent: 5373558 (1994-12-01), Chaum
patent: 5440635 (1995-08-01), Bellovin et al.
patent: 5485519 (1996-01-01), Weiss
patent: 5602918 (1997-02-01), Chen et al.
patent: 5657388 (1997-08-01), Weiss
patent: 5724428 (1998-03-01), Rivest
patent: 5745576 (1998-04-01), Abraham et al.
patent: 5835600 (1998-11-01), Rivest
patent: 5841866 (1998-11-01), Bruwer et al.
patent: 5903721 (1999-05-01), Sixtus
patent: 5953420 (1999-09-01), Matyas et al.
patent: 6076163 (2000-06-01), Hoffstein et al.
patent: 6091819 (2000-07-01), Venkatesan et al.
patent: 6130621 (2000-10-01), Weiss
patent: 6240184 (2001-05-01), Huynh et al.
patent: 6269163 (2001-07-01), Rivest et al.
patent: 6286022 (2001-09-01), Kaliski et al.
patent: 6393447 (2002-05-01), Jakobsson et al.
patent: 6411715 (2002-06-01), Liskov et al.
patent: 6681017 (2004-01-01), Matias et al.
patent: 6681327 (2004-01-01), Jardin
patent: 6751729 (2004-06-01), Giniger et al.
patent: 6813354 (2004-11-01), Jakobsson et al.
patent: 6829356 (2004-12-01), Ford
patent: 6985583 (2006-01-01), Brainard et al.
patent: 7111172 (2006-09-01), Duane et al.
patent: 7197639 (2007-03-01), Juels et al.
patent: 7219368 (2007-05-01), Juels et al.
patent: 7356696 (2008-04-01), Jakobsson et al.
patent: 7359507 (2008-04-01), Kaliski
patent: 7363494 (2008-04-01), Brainard et al.
patent: 7562221 (2009-07-01), Nystrom et al.
patent: 7571489 (2009-08-01), Ong et al.
patent: 7602904 (2009-10-01), Juels et al.
patent: 2002/0026345 (2002-02-01), Juels
patent: 2002/0120592 (2002-08-01), Juels et al.
patent: 2004/0017253 (2004-01-01), Ishigami et al.
patent: 2004/0234074 (2004-11-01), Sprunk
patent: 2005/0015588 (2005-01-01), Lin et al.
patent: 2005/0091492 (2005-04-01), Benson et al.
patent: 2005/0129247 (2005-06-01), Gammel et al.
patent: 2006/0037073 (2006-02-01), Juels et al.
patent: 2006/0041759 (2006-02-01), Kaliski et al.
patent: 2006/0083228 (2006-04-01), Ong et al.
patent: 2006/0177056 (2006-08-01), Rostin et al.
patent: 2006/0256961 (2006-11-01), Brainard et al.
patent: 2006/0294331 (2006-12-01), Forrer et al.
patent: 2007/0124321 (2007-05-01), Szydlo
patent: 2007/0174614 (2007-07-01), Duane et al.
patent: 2010/0034383 (2010-02-01), Turk
patent: 1050789 (2000-11-01), None
patent: 00/48064 (2000-08-01), None
patent: 2006/089101 (2006-08-01), None
Bellovin et al., “Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks,” Proceedings of the IEEE Symposium of Research in Security and Privacy, pp. 72-84, 1992.
Bellovin et al., “Augmented Encrypted Key Exchange: A Password-Based Protocol Secure Against Dictionary Attacks and Password File compromise,” AT&T Bell Laboratories Technical Report, pp. 1-7, 1994.
Boneh et al., “On the Importance of Checking Cryptographic Protocols for Faults,” (extended abstract), pp. 1-14, Jul. 26, 2001, retrieved from http://www.citeseer.nj.nec.com/boneh97importance.html.
Boneh et al., “Efficient Generation of Shared RSA Keys,” pp. 1-21, Jul. 26, 2001, retrieved from http://citeseer.nj.nex.com/358268.html.
Cannetti et al., “Proactive Security: Long-Term Protection Against Break-Ins,” CryptoBytes, 3:1-8, 1997.
Chaum, “Security Without Identification: Transaction Systems to Make Big Brother Obsolete,” Communications of the ACM, 28: 1030-1044, 1985.
Chaum, “Blind Signatures for Untraceable Payments,” Advances in Cryptology, Proceedings of the Crypto '82, Workshop on the Theory and Application of Cryptographic Techniques, Santa Barbara, CA, Aug. 23-25, 1982, New York, 1983.
Coron et al., “On the Secutiry of RSA Padding,” Advances in Cryptology, Proceedings of the Crypto '99, pp. 1-18, Springer 1999.
Desmedt et al., “A Chosen Text Attack on the RSA Cryptosystem and Some Discrete Logarithm Schemes,” Advances in Cryptology, Proceedings of the Crypto '85, pp. 516-522, Springer-Velag 1986.
Dierks et al., “The TLS Protocol Version 1.0,” IETF RFC 2246, pp. -75, Jan. 1999, Jul. 25, 2001, retrieved from http://www.jetf.org/rfc/rfc2246.txt.
Frier et al., “The SSL 3.0 Protocol,” Netscape Communications Corp., pp. 1-62; Nov. 18, 1996, retrieved Jul. 10, 2001 from http://home.netscape.come/eng/ss113/draft302.txt.
Gong, “Increasing Availability and Security of an Autherntication Service,” IEEE Journal on Selected Areas in Communication, 11: 657-662, 1993.
Gong et al., “Protecting Poorly Chosen Secrets from Guessing Attacks,” IEEE Journal of Selected Areas in Communications, 11: 648-656, 1993.
Gong, “Optimal Authentication Protocols Resistant to Password Guessing Attacks,” Proceedings of the 8.sup.th IEEE Computer Security Foundations Workshop, Ireland, pp. 24-29, Jun. 13-15, 1995.
Halevi et al., “Public-Key Cryptography and Password Protocols,” Proceedings of the Fifth ACM Conference on Computer and Communications Security, pp. 122-131, Nov. 3-5, 1998.
Heroux, “A Private Key Storage Server for DCE—Functional Specification,” Open Software foundation, Request for Comments: 94.1,pp. 1-73, Nov. 1996, retrieved on Jul. 17, 2001 from http://www.opengroup.org/rfc/mirror-rfc/rfc94.1.txt.
Herzberg et al., “Proactive SEcret Sharing Or: How to Cope with Perpetual Leakage,” Advances in Cryptology, Proceedings of the Crypto '95, pp. 339-352, California, Aug. 1995, Springer 1995.
Jablon, “Strong Password-Only Authenticated Key Exchange,” ACM computer Communication Review, pp. 1-24, 1996.
Jabion, “Extended Password Key Exchange Protocols Immune to Dictionary Attack,” Proceedings of the WETICE '97 Enterprise Security Workshop, pp. 248-255, 1997.
Juels et al., “Security of Blind Digital Signatures,” Advances in Cryuptology, Proceedings of the Crypto '97, pp. 150-164, California, Aug. 1997, Springer 1997.
Kohl et al., “The Kerberos Network Authentication Service,” RFC 1510, pp. 1-105, Internet Activities Board, Sep. 1993, retrieved on Jul. 10, 2001 from http://www.ietf.org/rfc/rfc1510.txt.
Law et al., “An Efficient Protocol for Authenticated Key Agreement,” Technical Report CORR 98-05, pp. 1-16, Deparment of C&O, University of Waterloo, CAnada, Mar. 1998, revised Aug. 28, 1998.
Lim et al., “A Key Recovery Attack on Some Discrete Log-Based Schemes Using a Prime-Order Subgroup,” Advances in

Ciaffi Marco

Inventor

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Duane William M.

Inventor

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Silva Eric A.

Inventor

  [ 0.00 ] – not rated yet Voters 0   Comments 0

BainwoodHuang

Law Firm

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Cervetti David Garcia

Examiner

  [ 0.00 ] – not rated yet Voters 0   Comments 0

EMC Corporation

Corporate Assignee

  [ 0.00 ] – not rated yet Voters 0   Comments 0

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Secure seed provisioning does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Secure seed provisioning, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Secure seed provisioning will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-4277185

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

 Charities
 Companies
 MP Candidates
 Patents
 Employee Salary Disclosure

World

 Places of the World
 Scientific Papers

United States

 Banks
 Companies
 Counties
 Patents
 Employee Salary Disclosure