Methods and systems for secure transmission of identification information over public networks
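IPC classification information
Country / Type: United States (US) Patent, Registered
International Patent Classification (IPC 7th edition): G06F-021/00, H04L-009/32, H04K-001/00, G06F-015/16
Application number: UP-0067306 (2005-02-25)
Registration number: US-7669233 (2010-04-09)
Inventors / Address: Grace, David; Turgeon, Paul
Applicant / Address: Metavante Corporation
Agent / Address: Townsend and Townsend and Crew LLP
Citation information: Times cited: 2; Cited patents: 37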
Abstract
Methods and systems are provided for generating a party static token to be used in combination with a party dynamic token for identifying a party to a host system. Identification information that identifies the party to the host system is received. Such identification information includes a host dynamic token and a host static token. A false host dynamic token that differs from the host dynamic token is generated. The host dynamic token and the false host dynamic token are encrypted. In addition, information that uniquely identifies the party dynamic token is encrypted. The party static token is produced from a combination of the encrypted host dynamic token, the encrypted false host dynamic token, and the encrypted information that uniquely identifies the party dynamic token.
Representative claims
What is claimed is:
1. A method for generating a party static token to be used in combination with a party dynamic token for identifying a party to a host system, the method comprising: receiving identification information that identifies the party to the host system, the information comprising a host dynamic token and a host static token; generating a false host dynamic token, wherein the false host dynamic token differs from the host dynamic token; encrypting the host dynamic token; encrypting the false host dynamic token; encrypting information that uniquely identifies the party dynamic token; and producing the party static token from a combination of the encrypted host dynamic token, the encrypted false host dynamic token, and the encrypted information that uniquely identifies the party dynamic token.
2. The method recited in claim 1 wherein producing the party static token comprises encrypting the combination of the encrypted host dynamic token, the encrypted false host dynamic token, and the encrypted information that uniquely identifies the party dynamic token.
3. The method recited in claim 2 wherein each of the encrypting steps is performed with a symmetric-key encryption algorithm.
4. The method recited in claim 3 wherein each of the encrypting steps is performed with a different key.
5. The method recited in claim 3 wherein encrypting the host dynamic token and encrypting the false host dynamic token are performed with the same key.
6. The method recited in claim 1 wherein the information that uniquely identifies the party dynamic token comprises a seed value and a complement to the party dynamic token, the method further comprising determining the complement to the party dynamic token from the seed value and the party dynamic token.
7. The method recited in claim 6 wherein determining the complement comprises: encrypting the seed value; selecting a portion of the encrypted seed value having a predetermined length to produce a natural party dynamic token; and calculating a difference between the natural party dynamic token and the party dynamic token.
8. The method recited in claim 6 further comprising generating the seed value randomly.
9. The method recited in claim 1 further comprising receiving the party dynamic token from the host system.
10. The method recited in claim 1 further comprising generating the party dynamic token randomly.
11. A method for transmitting party-identification information to a host system, the method comprising: receiving a party static token and a purported party dynamic token from a party; decrypting the party static token to extract an encrypted host dynamic token, an encrypted false host dynamic token, a host static token, and encrypted information that uniquely identifies a party dynamic token, wherein the host static token and host dynamic token identify the party to the host system and the false host dynamic token differs from the host dynamic token; generating the party dynamic token from the encrypted information that uniquely identifies the party dynamic token; and transmitting the host static token and a decrypted one of the host dynamic token and false host dynamic token to the host system depending on a comparison of the party dynamic token and purported party dynamic token.
12. The method recited in claim 11 further comprising decrypting the one of the host dynamic token and false host dynamic token depending on the comparison of the party dynamic token and purported party dynamic token.
13. The method recited in claim 11 wherein receiving the party static token and purported party dynamic token comprises receiving the party static token and purported party dynamic token over a public network from a public-network access device accessed by the party.
14. The method recited in claim 11 wherein receiving the party static token and purported party dynamic token comprises receiving the party static token and purported party dynamic token over a public network from an intermediary system accessed by the party with a public-network access device.
15. The method recited in claim 11 wherein generating the party dynamic token comprises: decrypting the encrypted information that uniquely identifies the party dynamic token to extract a seed value and a complement to the party dynamic token; and generating the party dynamic token from the seed value and the complement.
16. The method recited in claim 15 wherein generating the party dynamic token from the seed value and the complement comprises: encrypting the seed value; selecting a portion of the encrypted seed value having a predetermined length to produce a natural party dynamic token; and calculating a difference between the natural party dynamic token and the complement.
17. The method recited in claim 15 wherein each of the decrypting steps is performed with a symmetric-key decryption algorithm.
18. The method recited in claim 17 wherein each of the decrypting steps is performed with a different key.
19. A computer-readable storage medium having a computer-readable program embodied therein for directing operation of a token preparer including a communications system, a processor, and a storage device, wherein the computer-readable program includes instructions for operating the token preparer to generate a party static token to be used in combination with a party dynamic token for identifying a party to a host system in accordance with the following: receiving, with the communications system, identification information that identifies the party to the host system, the information comprising a host dynamic token and a host static token; generating, with the processor, a false host dynamic token, wherein the false host dynamic token differs from the host dynamic token; encrypting, with the processor, the host dynamic token; encrypting, with the processor, the false host dynamic token; encrypting, with the processor, information that uniquely identifies the party dynamic token; and producing, with the processor, the party static token from a combination of the encrypted host dynamic token, the encrypted false host dynamic token, and the encrypted information that uniquely identifies the party dynamic token.
20. The computer-readable storage medium recited in claim 19 wherein the instructions for producing the party static token comprise instructions for encrypting the combination of the encrypted host dynamic token, the encrypted false host dynamic token, and the encrypted information that uniquely identifies the party dynamic token.
21. The computer-readable storage medium recited in claim 19 wherein the information that uniquely identifies the party dynamic token comprises a seed value and a complement to the party dynamic token, the computer-readable program further including instructions for determining, with the processor, the complement to the party dynamic token from the seed value and the party dynamic token.
22. The computer-readable storage medium recited in claim 21 wherein the instructions for determining the complement comprise: instructions for encrypting, with the processor, the seed value; instructions for selecting, with the processor, a portion of the encrypted seed value having a predetermined length to produce a natural party dynamic token; and instructions for calculating, with the processor, a difference between the natural party dynamic token and the party dynamic token.
23. The computer-readable storage medium recited in claim 19 wherein the computer-readable program further includes instructions for receiving, with the communications system, the party dynamic token from the host system.
24. The computer-readable storage medium recited in claim 19 wherein the computer-readable program further includes instructions for generating, with the processor, the party dynamic token randomly.
25. A computer-readable storage medium having a computer-readable program embodied therein for directing operation of a public-network intercept including a communications system, a processor, and a storage device, wherein the computer-readable program includes instructions for operating the public-network intercept to transmit party-identification information to a host system in accordance with the following: receiving, with the communications system, a party static token and a purported party dynamic token from a party; decrypting, with the processor, the party static token to extract an encrypted host dynamic token, an encrypted false host dynamic token, a host static token, and encrypted information that uniquely identifies a party dynamic token, wherein the host static token and host dynamic token identify the party to the host system and the false host dynamic token differs from the host dynamic token; generating, with the processor, the party dynamic token from the encrypted information that uniquely identifies the party dynamic token; and transmitting, with the communications system, the host static token and a decrypted one of the host dynamic token and false host dynamic token to the host system depending on a comparison of the party dynamic token and purported party dynamic token.
26. The computer-readable storage medium recited in claim 25 wherein the computer-readable program further includes instructions for decrypting, with the processor, the one of the host dynamic token and false host dynamic token depending on the comparison of the party dynamic token and purported party dynamic token.
27. The computer-readable storage medium recited in claim 25 wherein the instructions for generating the party dynamic token comprise: instructions for decrypting, with the processor, the encrypted information that uniquely identifies the party dynamic token to extract a seed value and a complement to the party dynamic token; and instructions for generating, with the processor, the party dynamic token from the seed value and the complement.
28. The computer-readable storage medium recited in claim 27 wherein the instructions for generating the party dynamic token from the seed value and the complement comprise: instructions for encrypting, with the processor, the seed value; instructions for selecting, with the processor, a portion of the encrypted seed value having a predetermined length to produce a natural party dynamic token; and instructions for calculating, with the processor, a difference between the natural party dynamic token and the complement.
29. A computer-readable storage medium having stored thereon a data structure comprising: a first field containing data representing an encrypted host dynamic token; a second field containing data representing an encrypted false host dynamic token, wherein the false host dynamic token differs from the host dynamic token; a third field containing data representing a host static token, wherein a pairing of the host static token and host dynamic token provide information identifying a party to a host system and a pairing of the host static token and false host dynamic token do not provide information identifying the party to the host system; and a fourth field containing data that uniquely identify a party dynamic token that identifies the party when paired with the data structure.
30. The computer-readable storage medium recited in claim 29 wherein the first, second, third, and fourth fields are commonly encrypted with a first symmetric-key encryption algorithm.
31. The computer-readable storage medium recited in claim 30 wherein the host dynamic token and false host dynamic token are encrypted with a common second symmetric-key algorithm.
32. The computer-readable storage medium recited in claim 29 wherein the third field comprises: a first subfield containing data representing a seed value; and a second subfield containing data representing a party dynamic token complement, wherein the host dynamic token is equal to a result of applying a predetermined algorithm to the seed value, the party dynamic token complement, and the party dynamic token.
33. The method recited in claim 29 wherein the data contained by the third field are encrypted with a first symmetric-key algorithm that differs from a second symmetric-key algorithm under which the host dynamic token and false host dynamic token are commonly encrypted.
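
The seed/complement arithmetic of claims 6-7 and 15-16 and the token selection of claim 11, as an added example that is not code from the patent. It assumes four-digit decimal tokens, a difference taken modulo 10^4, and HMAC-SHA256 standing in for the symmetric encryption of the seed; all function names and sample values are hypothetical, and the encryption layers of the party static token are left out.

```python
import hashlib
import hmac
import secrets

TOKEN_DIGITS = 4  # assumed "predetermined length" of the party dynamic token
MOD = 10 ** TOKEN_DIGITS


def natural_token(seed: bytes, key: bytes) -> int:
    """Keyed transform of the seed, cut down to TOKEN_DIGITS decimal digits.
    HMAC-SHA256 is a stand-in for the claims' symmetric encryption step."""
    digest = hmac.new(key, seed, hashlib.sha256).digest()
    return int.from_bytes(digest[:8], "big") % MOD


def make_complement(seed: bytes, key: bytes, party_dynamic: int) -> int:
    """Preparer side (claims 6-7): complement = natural token - chosen token."""
    return (natural_token(seed, key) - party_dynamic) % MOD


def recover_token(seed: bytes, key: bytes, complement: int) -> int:
    """Intercept side (claims 15-16): token = natural token - complement."""
    return (natural_token(seed, key) - complement) % MOD


def make_false_host_token(host_dynamic: str) -> str:
    """Claim 1: a decoy of the same length that differs from the real token."""
    if not host_dynamic:
        raise ValueError("host dynamic token must not be empty")
    while True:
        decoy = "".join(secrets.choice("0123456789") for _ in host_dynamic)
        if decoy != host_dynamic:
            return decoy


def select_host_token(seed, key, complement, purported, host_dynamic, false_host_dynamic):
    """Claim 11: forward the real host dynamic token only when the purported
    party dynamic token matches; otherwise forward the false one."""
    expected = f"{recover_token(seed, key, complement):0{TOKEN_DIGITS}d}"
    match = hmac.compare_digest(expected, f"{purported:0{TOKEN_DIGITS}d}")
    return host_dynamic if match else false_host_dynamic


if __name__ == "__main__":
    key, seed = secrets.token_bytes(16), secrets.token_bytes(8)  # constructed values
    comp = make_complement(seed, key, 4821)  # party picks 4821 as its token
    decoy = make_false_host_token("7731")    # "7731" is a constructed host token
    print(select_host_token(seed, key, comp, 4821, "7731", decoy))  # real token
    print(select_host_token(seed, key, comp, 1111, "7731", decoy))  # decoy
```

Because only the seed and complement are stored, the party's chosen dynamic token never appears inside the static token, and a wrong guess still yields a well-formed value for the host system to reject.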
Patents cited by this patent (37)
Davis Derek L. (Phoenix AZ), Apparatus and method for providing secured communications.
Muschellack, Erich; Soares de Casto, Marcelo; Lopez de Oliveira, Alexandre, Cash dispensing automated banking machine firmware authentication system and method.
Hosoe, Makoto, Client-server system, server access authentication method, memory medium stores server-access authentication programs, and issuance device which issues the memory medium contents.
Chen Qilun ; Murphy ; Jr. Thomas Edwin ; Rieth Paul Francis ; Stevens Jeffrey Scott, System and method for building and exchanging encrypted passwords between a client and server.
Berger David A. ; Weber Jay C. ; Madapurmath Vilas I., System, method and article of manufacture for virtual point of sale processing utilizing an extensible, flexible archite.
Saigh Michael M. ; Chang Edward H. ; Brockhouse Douglas B. ; Chang Hsiao-Shih, Systems and apparatus for electronic communication and storage of information.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Newton Farrell ; Williams Gareth, User identification and authentication system using ultra long identification keys and ultra large databases of identif.