Mobile terminal for providing one time password and operating method thereof

US 10,057,254 B2
Filed: 12/22/2015
Issued: 08/21/2018
Est. Priority Date: 12/31/2014
Status: Active Grant

First Claim

Patent Images

1. A mobile terminal comprising:

a first one-time password (OTP) generating module configured to provide identification information regarding each of a plurality of pieces of OTP data to a user, and output an OTP provided according to any one identification information selected by the user; and

a second OTP generating module based on mobile trusted module (MTM) configured to transfer the identification information regarding each of the plurality of pieces of OTP data to the first OTP generating module according to a corresponding request from the first OTP generating module, generate an OTP by using OTP data corresponding to the selected identification information, and transfer the generated OTP to the first OTP generating module;

wherein the first OTP generating module comprises;

an OTP information providing unit configured to request a plurality of pieces of OTP data retained in the mobile terminal from the second OTP generating module, and provide identification information regarding each of the plurality of pieces of OTP data received from the second OTP generating module;

an OTP generation data transmitting unit configured to transmit the selected identification information and an input parameter for OTP generation to the second OTP generating module; and

an OTP output unit configured to receive the OTP generated by the second OTP generating module and output the received OTP; and

wherein the second OTP generating module comprises;

an OTP calculating unit configured to perform a calculation operation to generate an OTP;

an OTP storage unit configured to store a plurality of pieces of OTP data and identification information regarding each of the plurality of pieces of OTP data; and

an OTP control unit configured to control the OTP calculating unit to perform calculation by using a specific cryptographic engine on the basis of the selected identification information received from the first OTP generating module.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided are a mobile terminal for providing a one-time password (OTP) and an operation method thereof. The mobile terminal includes a first one-time password (OTP) generating module configured to provide identification information regarding each of a plurality of pieces of OTP data to a user, and output an OTP provided according to any one identification information selected by the user, and a second OTP generating module based on mobile trusted module (MTM) configured to transfer the identification information regarding each of the plurality of pieces of OTP data to the first OTP generating module according to a corresponding request from the first OTP generating module, generate an OTP by using OTP data corresponding to the selected identification information, and transfer the generated OTP to the first OTP generating module.

Citations

11 Claims

1. A mobile terminal comprising:
- a first one-time password (OTP) generating module configured to provide identification information regarding each of a plurality of pieces of OTP data to a user, and output an OTP provided according to any one identification information selected by the user; and
  
  a second OTP generating module based on mobile trusted module (MTM) configured to transfer the identification information regarding each of the plurality of pieces of OTP data to the first OTP generating module according to a corresponding request from the first OTP generating module, generate an OTP by using OTP data corresponding to the selected identification information, and transfer the generated OTP to the first OTP generating module;
  
  wherein the first OTP generating module comprises;
  
  an OTP information providing unit configured to request a plurality of pieces of OTP data retained in the mobile terminal from the second OTP generating module, and provide identification information regarding each of the plurality of pieces of OTP data received from the second OTP generating module;
  
  an OTP generation data transmitting unit configured to transmit the selected identification information and an input parameter for OTP generation to the second OTP generating module; and
  
  an OTP output unit configured to receive the OTP generated by the second OTP generating module and output the received OTP; and
  
  wherein the second OTP generating module comprises;
  
  an OTP calculating unit configured to perform a calculation operation to generate an OTP;
  
  an OTP storage unit configured to store a plurality of pieces of OTP data and identification information regarding each of the plurality of pieces of OTP data; and
  
  an OTP control unit configured to control the OTP calculating unit to perform calculation by using a specific cryptographic engine on the basis of the selected identification information received from the first OTP generating module.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The mobile terminal of claim 1, wherein the first OTP generating module and the second OTP generating module are independently configured on the basis of separate hardware.
  - 3. The mobile terminal of claim 1, wherein the OTP calculating unit includes a plurality of cryptographic engines for processing a plurality of cipher algorithms, and performs a calculation operation to generate the OTP by using the specific cryptographic engine according to the selected identification information.
  - 4. The mobile terminal of claim 1, wherein the OTP calculating unit performs a calculation operation to generate the OTP by using the input parameter received from the first OTP generating module and OTP data corresponding to the specific identification information.
  - 5. The mobile terminal of claim 1, wherein the second OTP generating module is configured within an MTM.
  - 6. The mobile terminal of claim 1, wherein each of the plurality of pieces of OTP data is seed information used as a basic input value for generating an OTP and user-specific information, and is registered as the same value in an authentication server from which authentication is to be requested using an OTP, in advance.
  - 7. The mobile terminal of claim 1, wherein the identification information includes identifiable information with respect to the plurality of pieces of OTP data, is stored together with the OTP data, and includes at least one of application information, identification (ID) information, and information regarding a used cryptographic engine.

8. A method for generating a one-time password (OTP) by a first OTP generating module and a mobile trusted module (MTM) based second OTP generating module of a mobile terminal, the method comprising:
- transmitting, by the second OTP generating module, identification information regarding each of a plurality of pieces of OTP data to the first OTP generating module,providing, by the first OTP generating module, the identification information regarding each of a plurality of pieces of OTP data to a user;
  
  transmitting, by the first OTP generating module, any one identification information selected by the user and time information to the second OTP generating module;
  
  receiving, by the second OTP generating module, the identification information selected by the user and the time information from the first OTP generating module;
  
  performing a calculation, by the second OTP generating module, to generate an OTP by using OTP data corresponding to the selected identification information and the time information;
  
  providing, by the second OTP generating module, an OTP generated according to the calculation result to the first OTP generating module; and
  
  receiving, by the first OTP generating module, the OTP generated by the second OTP generating module and outputting the received OTP;
  
  wherein the identification information includes identifiable information with respect to the plurality of pieces of OTP data, is stored together with the OTP data, and includes at least one of application information, identification (ID) information, and information regarding a used cryptographic engine,wherein the performing the calculation includes performing a calculation operation for generating the OTP by using a specific cryptographic engine according to the selected identification information among a plurality of cryptographic engines for providing a plurality of cipher algorithms.
- View Dependent Claims (9, 10, 11)
- - 9. The method of claim 8, wherein the second OTP generating module is independently configured on the basis of hardware separately from the first OTP generating module.
  - 10. The method of claim 8, wherein each of the plurality of pieces of OTP data is seed information used as a basic input value for generating an OTP and user-specific information, and is registered as the same value in an authentication server from which authentication is to be requested using an OTP, in advance.
  - 11. The method of claim 8, wherein the transmitting comprises:
    - receiving a request for transmission of a plurality of pieces of OTP data retained in the mobile terminal from the first OTP generating module; and
      
      transmitting identification information corresponding to each of the plurality of pieces of OTP data to the first OTP generating module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Electronics and Telecommunications Research Institute
Original Assignee
Electronics and Telecommunications Research Institute
Inventors
Kim, Young Sae
Primary Examiner(s)
Kabir, Jahangir

Application Number

US14/978,758
Publication Number

US 20160191504A1
Time in Patent Office

973 Days
Field of Search

726 6, 726 9
US Class Current
CPC Class Codes

H04L 63/0838   using one-time-passwords

H04L 63/0853   using an additional device,...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/068   using credential vaults, e....

Mobile terminal for providing one time password and operating method thereof

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile terminal for providing one time password and operating method thereof

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links