Information security – Access control or authentication – Network
Reexamination Certificate
2005-12-13
2010-10-12
Smithers, Matthew B (Department: 2437)
Information security
Access control or authentication
Network
C726S005000, C726S009000, C726S018000, C726S019000
Reexamination Certificate
active
07814538
ABSTRACT:
An authentication process using a combined code as a shared secret between a client and target service is provided. The combined code is provided out-of-band and includes data to perform two-way authentication for both the client and the target service. The target service may provide the client with a certificate to establish a secure channel. The client may use the data in the combined code to validate the target service. When the target service is validated, the client may provide credentials in the combined code to the target service for authentication. In one example implementation, the combined code includes a hash of a public key. The client may compute another hash of another public key in the certificate provided by the target service and validate the service by comparing the hash in the combined code and the computed hash.
REFERENCES:
patent: 5210795 (1993-05-01), Lipner
patent: 5226172 (1993-07-01), Seymour
patent: 6826686 (2004-11-01), Peyravian
patent: 6834112 (2004-12-01), Brickell
patent: 2002/0095569 (2002-07-01), Jerdonek
patent: 2003/0037241 (2003-02-01), Campagna
patent: 2003/0056096 (2003-03-01), Albert
patent: 2003/0065919 (2003-04-01), Albert
patent: 2003/0070070 (2003-04-01), Yeager et al.
patent: 2004/0025026 (2004-02-01), Karp
patent: 2004/0088348 (2004-05-01), Yeager et al.
patent: 2004/0158708 (2004-08-01), Peyravian et al.
patent: 2004/0158714 (2004-08-01), Peyravian et al.
patent: 2005/0076217 (2005-04-01), Lord et al.
patent: 2005/0166263 (2005-07-01), Nanopoulos
patent: 2005/0182934 (2005-08-01), Elteto
patent: 2007/0147603 (2007-06-01), Nakano et al.
patent: WO2005006703 (2005-01-01), None
patent: WO2005019974 (2005-03-01), None
B. Clifford Neuman and Theodore Ts'o; Kerberos: An Authentication Service for Computer Networks; ISI/RS-94-399; Sep. 1994; University of Southern California, Information Science Institute; 4676 Admiralty Way, Marina del Rey, CA 90292-6695; http:/
trs.nasa.gov/archive
asa/casi.ntrs.nasa.gov/19970004330—1997000619.pdf.
Irene Gassko, Peter S. Gemmell and Philip MacKenzie; Efficient and Fresh Certification; Abstract; Lecture Notes in Computer Science; Springer-Verlag GmbH; ISSN: 0302-9743; http://www.springerlink.com/app/home/contribution.asp?wasp=b65edd55769047ac93c1bca0a7f0af31&referrer=parent&backto=issue,23,31;journal,1818,2169;linkingpublicationresults,1:105633,1.
Yasir Ali; Adding Public Key Secruity to SSH; A Thesis; Feb. 20, 2003; Dartmouth College; Hanover, New Hamshire; http://www.cs.dartmouth.edu/˜sws/theses/ali.pdf.
Neil M. Haller; The S/Key™ One-Time Password System; Abstract; Bellcore; Morristown, New Jersey; http://www.support.psi.com/support/spart/papers/password/skey.pdf.
Ingo Cyliax; Steven D. Johnson; Arriving at FPGA Based Hardware Unix-Encription Using Iterated Codesign Methods;Technical Report No. 496; Oct. 1997; Bhaskar Bose, Derivation Systems, Inc., Calrsbad CA; Computer Science Department; Indiana University; Bloomington, Indiana 47405-4101; http://grouchy.cs.indiana.edu/l/www/ftp/techreports/TR496.pdf.
Chan Shannon J.
Kuehnel Thomas W.
Microsoft Corporation
Sims Jing
Smithers Matthew B
LandOfFree
Two-way authentication using a combined code does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Two-way authentication using a combined code, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Two-way authentication using a combined code will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4241729