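IPC classification information
Country/Type | United States (US) Patent, Granted
International Patent Classification (IPC 7th edition) |
Application number | US-0590415 (2005-02-23)
Registration number | US-8639628 (2014-01-28)
International application number | PCT/US2005/005481 (2005-02-23)
§371/§102 date | 20061020 (20061020)
International publication number | WO2005/083610 (2005-09-09)
Inventor / address |
Applicant / address |
Agent / address |
Citation information | Times cited: 4; patents cited: 7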
Abstract
A method for calculating a One Time Password. A secret is concatenated with a count, where the secret is uniquely assigned to a token. The secret can be a private key or a shared secret symmetric key. The count is a number that increases monotonically at the token with the number of One Time Passwords generated at the token. The count is also tracked at an authentication server, where it increases monotonically with each calculation of a One Time Password at the authentication server. An OTP can be calculated by hashing a concatenated secret and count. The result can be truncated.
Representative claims
1. A method for calculating One Time Passwords, comprising:
concatenating, by a computer, a secret with a count, where the secret is uniquely assigned to a token and is shared between the token and an authentication server, and the count is a number that increases monotonically at the token with a number of One Time Passwords generated by the token and increases monotonically at the authentication server with each calculation by the authentication server of a One Time Password;
calculating, by the computer, a hash based upon the concatenated secret and count; and
truncating the result of the hash to obtain a new One Time Password.

2. A method for authenticating a request for access to a resource, comprising:
receiving, by an authentication server, a request for authentication that includes a serial number that is uniquely associated with a token, a personal identification number associated with a user and a One Time Password generated by the token, wherein the One Time Password is based upon a value of a first count at the token and a secret shared between the token and the authentication server;
retrieving, by the authentication server, a value of a second count that corresponds to the token based upon the serial number;
retrieving, by the authentication server, the secret that corresponds to the token based upon the serial number;
calculating, by the authentication server, a value of an additional One Time Password based upon retrieved values of the second count and the secret corresponding to the token;
comparing the calculated One Time Password with the received One Time Password;
if the calculated One Time Password corresponds to the received One Time Password, determining that the request is authenticated;
if the calculated One Time Password does not correspond to the received One Time Password, then incrementing the value of the second count at the authentication server and recalculating the additional One Time Password based upon the incremented value of the second count and the secret, and comparing the recalculated One Time Password with the received One Time Password; and
if the recalculated One Time Password does not correspond to the received One Time Password, then repeating to increment the second count and to recalculate the additional One Time Password until the recalculated One Time Password corresponds to the received One Time Password.

3. The method of claim 2, wherein the hash function is SHA-1.

4. The method of claim 2, wherein the secret is a symmetric cryptographic key.

5. The method of claim 2, wherein incrementing the count and recalculating the additional One Time Password is repeated a predetermined number of times, and if the recalculated One Time Password does not correspond to the received One Time Password by the end of the predetermined number of times, the request is determined to be not authenticated.

6. A method for authenticating a request for access to a resource, comprising:
receiving, by an authentication server, a request for authentication that includes a username that is uniquely associated with a user, a personal identification number associated with a user and a One Time Password generated at a token, wherein the One Time Password is based upon a value of a first count at the token and a secret shared between the token and the authentication server;
retrieving, by the authentication server, a value of a second count that corresponds to the token based upon the username;
retrieving, by the authentication server, the secret that corresponds to the token based upon the username;
calculating, by the authentication server, a value of an additional One Time Password based upon retrieved values of the count and the secret corresponding to the token;
comparing the calculated One Time Password with the received One Time Password; and
if the calculated One Time Password corresponds to the received One Time Password, determining that the request is authenticated;
if the calculated One Time Password does not correspond to the received One Time Password, then incrementing the value of the second count at the authentication server and recalculating the additional One Time Password based upon the incremented count and the secret, and comparing the recalculated One Time Password with the received One Time Password; and
if the recalculated One Time Password does not correspond to the received One Time Password, then repeating to increment the second count and to recalculate the additional One Time Password until the recalculated One Time Password corresponds to the received One Time Password.

7. The method of claim 6, wherein the hash function is SHA-1.

8. The method of claim 6, wherein the secret is a symmetric cryptographic key.

9. The method of claim 6, wherein incrementing the count and recalculating the additional One Time Password is repeated a predetermined number of times, and if the recalculated One Time Password does not correspond to the received One Time Password by the end of the predetermined number of times, the request is determined to be not authenticated.

10. The method of claim 2, wherein the secret is uniquely assigned to the token.

11. The method of claim 6, wherein the secret is uniquely assigned to the token.
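
The calculation in claim 1 and the server-side retry loop in claims 2 and 5, as an added Python sketch (not code from the patent). Assumptions made here because the claims do not fix them: the 8-byte big-endian counter encoding, the truncation rule, the 6-digit length, a retry limit of 10, and the names `otp`, `AuthServer`, `DIGITS` and `LOOK_AHEAD`; the PIN check is omitted, and the stored count is committed only on a successful match.

```python
import hashlib
import hmac

DIGITS = 6       # assumed OTP length; the claims do not fix one
LOOK_AHEAD = 10  # assumed "predetermined number of times" (claims 5 and 9)


def otp(secret: bytes, count: int) -> str:
    """Claim 1: hash the concatenated secret and count, then truncate."""
    # SHA-1 per claims 3 and 7; the counter encoding is an assumption.
    digest = hashlib.sha1(secret + count.to_bytes(8, "big")).digest()
    # Assumed truncation: first 4 bytes as an integer, reduced to DIGITS digits.
    value = int.from_bytes(digest[:4], "big") % 10 ** DIGITS
    return f"{value:0{DIGITS}d}"


class AuthServer:
    """Hypothetical server keeping one secret and one count per token serial."""

    def __init__(self):
        self.tokens = {}  # serial -> {"secret": bytes, "count": int}

    def enroll(self, serial: str, secret: bytes, count: int = 0) -> None:
        self.tokens[serial] = {"secret": secret, "count": count}

    def verify(self, serial: str, received: str) -> bool:
        """Claims 2 and 5: compare, then increment and retry a bounded number of times."""
        rec = self.tokens.get(serial)
        if rec is None:
            return False
        for step in range(LOOK_AHEAD + 1):
            candidate = otp(rec["secret"], rec["count"] + step)
            # Constant-time comparison of the calculated and received values.
            if hmac.compare_digest(candidate.encode(), received.encode()):
                # Move past the accepted count so the same value is not accepted again.
                rec["count"] += step + 1
                return True
        # Not authenticated; the stored count stays where it was, so a run of
        # wrong guesses cannot push the server out of step with the token.
        return False
```

Without the bound from claims 5 and 9, the loop in claims 2 and 6 would keep incrementing until some count matched, so any guessed value would eventually be accepted; the retry limit is what keeps the guess space meaningful.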