Systems and methods for device authentication
Abstract
Embodiments include methods, and systems and computing devices configured to implement the methods of authenticating a computing device. A processor of a first computing device may obtain a transitory identity and may send the transitory identity to a second computing device and a third computing device. A processor of the second computing device may send the transitory identity to the third computing device with a request to authenticate the first computing device. The processor of the third computing device may authenticate the identity of the first computing device in response to determining that the transitory identity received from the first computing device matches the transitory identity received from the second computing device.
37 Claims
1. A system for authenticating a first computing device to a second computing device through interaction with a third computing device, comprising:
the first computing device, comprising:
a communication interface; and
a processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
obtaining a first transitory identity at the first computing device;
sending the first transitory identity to the second computing device and to the third computing device;
receiving a second transitory identity from the second computing device;
sending an authentication query including the second transitory identity to the third computing device; and
receiving from the third computing device an indication of whether the second computing device is authenticated;
the second computing device, comprising:
a communication interface; and
a processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
obtaining a second transitory identity at the second computing device;
sending the second transitory identity to the first computing device and to the third computing device;
receiving the first transitory identity from the first computing device;
sending an authentication query including the first transitory identity to the third computing device; and
receiving from the third computing device an indication of whether the first computing device is authenticated; and
the third computing device, comprising:
a communication interface; and
a processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
receiving the first transitory identity from the first computing device;
receiving an authentication query comprising the first transitory identity from the second computing device;
determining whether the first transitory identity from the second computing device matches the first transitory identity from the first computing device;
sending to the second computing device an indication of whether the first computing device is authenticated based on the determination of whether the first transitory identity from the second computing device matches the first transitory identity from the first computing device;
receiving the second transitory identity from the second computing device;
receiving an authentication query comprising the second transitory identity from the first computing device;
determining whether the second transitory identity from the first computing device matches the second transitory identity from the second computing device; and
sending to the first computing device an indication of whether the second computing device is authenticated based on the determination of whether the second transitory identity from the first computing device matches the second transitory identity from the second computing device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A first computing device, comprising:
a communication interface; and
a processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
obtaining a first transitory identity having a validity duration that is shorter than a time required by an attacker to exploit the first transitory identity;
sending the first transitory identity to a second computing device and to a third computing device;
receiving a second transitory identity from the second computing device;
sending an authentication query including the second transitory identity to the third computing device;
determining whether an indication of authentication success or an indication of authentication failure is received from the third computing device;
performing an information transaction with the second computing device in response to determining that an indication of authentication success is received; and
obtaining a new first transitory identity after the validity duration expires.
Dependent claims: 17, 18, 19, 20, 21, 22
23. A computing device, comprising:
a communication interface; and
a processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
receiving from a first other computing device a request to perform an information transaction;
receiving from the first other computing device a transitory identity of the first other computing device, the transitory identity having a validity duration that is shorter than a time required by an attacker to exploit the first transitory identity;
sending a request to a second other computing device to confirm an identity of the first other computing device;
receiving from the second other computing device an indication of whether the identity of the first other computing device is confirmed;
sending an indication of whether performance of the information transaction is enabled based on the indication of whether the identity of the first other computing device is confirmed; and
receiving from the first other computing device a new transitory identity after the validity duration expires.
Dependent claims: 24, 25, 26
27. A computing device configured to communicate with a first other computing device and a second other computing device, comprising:
a communication interface; and
a processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
receiving from the first other computing device a first transitory identity having a validity duration that is shorter than a time required by an attacker to exploit the first transitory identity;
receiving an authentication query comprising the first transitory identity from the second other computing device;
determining whether the first transitory identity from the first other computing device matches the first transitory identity from the second other computing device;
sending to the second other computing device an indication of whether the first other computing device is authenticated based on the determination of whether the first transitory identity from the first other computing device matches the first transitory identity from the second other computing device; and
receiving from the first other computing device a new transitory identity after the validity duration expires.
Dependent claims: 28, 29, 30, 31, 32, 33, 34, 35, 36
37. A method of authenticating interactions between a first computing device and a second computing device with support of a third computing device, the method comprising:
obtaining a first transitory identity at the first computing device;
sending the first transitory identity to the second computing device and to the third computing device;
receiving in the second computing device the first transitory identity from the first computing device;
obtaining a second transitory identity at the second computing device;
sending the second transitory identity from the second computing device to the first computing device and to the third computing device;
receiving in the first computing device the second transitory identity from the second computing device;
sending an authentication query including the second transitory identity from the first computing device to the third computing device;
sending an authentication query including the first transitory identity from the second computing device to the third computing device;
receiving in the third computing device the first transitory identity from the first computing device;
receiving in the third computing device from the second computing device the authentication query comprising the first transitory identity;
determining in the third computing device whether the first transitory identity from the second computing device matches the first transitory identity from the first computing device;
sending by the third computing device to the second computing device an indication of whether the first computing device is authenticated based on the determination of whether the first transitory identity from the second computing device matches the first transitory identity from the first computing device;
receiving in the third computing device the second transitory identity from the second computing device;
receiving in the third computing device an authentication query comprising the second transitory identity from the first computing device;
determining by the third computing device whether the second transitory identity from the first computing device matches the second transitory identity from the second computing device;
sending by the third computing device to the first computing device an indication of whether the second computing device is authenticated based on the determination of whether the second transitory identity from the first computing device matches the second transitory identity from the second computing device;
receiving in the first computing device from the third computing device an indication of whether the second computing device is authenticated; and
receiving in the second computing device from the third computing device an indication of whether the first computing device is authenticated.
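The mutual exchange recited in claims 1 and 37, combined with the validity duration and renewal of claims 16, 23 and 27, can be simulated in a few lines; this is an added illustration, not code from the patent or its assignee. The class and function names, the device labels used to look up an identity, the 5-second validity value, the injected clock and the use of random hex tokens as transitory identities are all assumptions, and transport security between the devices is not modeled.

```python
import hmac
import secrets

VALIDITY_SECONDS = 5.0  # assumed value; the claims give no number

class ThirdDevice:
    def __init__(self, clock):
        self.clock, self.registered = clock, {}  # label -> (identity, expiry)

    def register(self, device, tid):
        self.registered[device] = (tid, self.clock() + VALIDITY_SECONDS)

    def query(self, device, presented_tid):
        """True only if presented_tid matches device's unexpired identity."""
        tid, expiry = self.registered.get(device, (None, 0.0))
        if tid is None or self.clock() >= expiry:
            return False
        return hmac.compare_digest(tid, presented_tid)

class Device:
    def __init__(self, name, third):
        self.name, self.third, self.tid = name, third, None

    def obtain_identity(self):
        """Obtain a fresh transitory identity and send it to the third device."""
        self.tid = secrets.token_hex(16)
        self.third.register(self.name, self.tid)
        return self.tid  # the same value is sent to the peer device

    def authenticate_peer(self, peer_name, peer_tid):
        return self.third.query(peer_name, peer_tid)  # authentication query

def mutual_authentication(first, second):
    tid1, tid2 = first.obtain_identity(), second.obtain_identity()
    return (first.authenticate_peer(second.name, tid2),
            second.authenticate_peer(first.name, tid1))

def demo():
    now = [0.0]  # constructed clock so the run is deterministic
    third = ThirdDevice(lambda: now[0])
    first, second = Device("first", third), Device("second", third)
    fresh = mutual_authentication(first, second)
    old_tid = first.tid
    now[0] += VALIDITY_SECONDS + 1  # validity duration expires
    expired = second.authenticate_peer("first", old_tid)
    renewed = second.authenticate_peer("first", first.obtain_identity())
    return fresh, expired, renewed

if __name__ == "__main__":
    print(demo())
```

The third device compares identities with `hmac.compare_digest` so the match check does not leak how many leading characters of a guessed identity were correct.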