Cryptographic data security system and method

US 20020087860A1
Filed: 10/19/2001
Published: 07/04/2002
Est. Priority Date: 10/20/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method for enhancing trust in communications between a client device and a trusted server, comprising:

(a) generating a one-time password for use in communication from the device to the server;

(b) generating at least one one-time request-authentication datum comprising a function of at least a portion of a previous response from the server to a previous request from the device; and

(c) generating at least one one-time response-authentication datum comprising a function of at least a portion of at least one one-time password.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for communicating between a computer device and a trusted server is disclosed. According to the method of the invention, a one-time password for use in communication from the device to the server is generated. The device generates at least one one-time request-authentication datum that includes a function of at least a portion of a previous response from the server to a previous message from the device. The server then generates at least one one-time response authentication datum that includes a function of at least a portion of at least one one-time password.

54 Citations

View as Search Results

36 Claims

1. A method for enhancing trust in communications between a client device and a trusted server, comprising:
- (a) generating a one-time password for use in communication from the device to the server;
  
  (b) generating at least one one-time request-authentication datum comprising a function of at least a portion of a previous response from the server to a previous request from the device; and
  
  (c) generating at least one one-time response-authentication datum comprising a function of at least a portion of at least one one-time password.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, wherein said one-time request-authentication datum comprises a function of an encryption key.
  - 3. The method of claim 1, wherein said one-time response-authentication datum comprises a function of an encryption key.

4. A method for enhancing trust in communicating a data request from a client device, comprising:
- (a) generating a one-time password; and
  
  (b) generating at least one one-time request-authentication datum comprising a function of at least a portion of a previous response from a trusted server to a previous request from the device.
- View Dependent Claims (5)
- - 5. The method of claim 4, wherein said one-time request-authentication datum comprises a function of an encryption key.

6. A method for enhancing trust in communicating a response from a request from a client device to a trusted server, comprising:
- (a) receiving a request comprising a function of at least a portion of at least one one-time password shared between the device and said server; and
  
  (b) generating at least one one-time response-authentication datum comprising a function of at least a portion of at least one one-time password.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6, wherein said one-time response-authentication datum comprises a function of an encryption key.
  - 8. The method of claim 6, wherein said request comprises an encrypted secret datum, wherein said server decrypts said encrypted secret datum to recover said secret datum.
  - 9. The method of claim 8, wherein a subsequent request comprises a function of at least a portion of at least one one-time password comprising at least a portion of at least one secret datum.
  - 10. The method of claim 6, wherein the one-time password comprised within the request is used by the server to locate an entry in its database corresponding to the particular client device.

11. A method for resynchronizing communication between a client device and a trusted server, comprising:
- (a) supplying a one-time password for use in communication from the device to the server;
  
  (b) supplying at least one one-time request-authentication datum comprising a function of at least a portion of a previous response from the server to a previous request from the device; and
  
  (c) supplying at least one one-time response-authentication datum comprising a function of at least a portion of at least one one-time password.
- View Dependent Claims (13, 15, 17, 18, 19)
- - 13. The method of claim 12, wherein said resynchronization request comprises an encrypted resynchronization datum that replaces a previous resynchronization datum.
  - 15. The method of claim 14, wherein said resynchronization response comprises an encrypted resynchronization datum that replaces a previous resynchronization datum.
  - 17. The system of claim 16, further comprising (a) an encryption algorithm, and (b) means for downloading said encryption algorithm to the client computer over said network connection, wherein said means for conducting communications of data with the client computer over the network connection is in accordance with said encryption algorithm and wherein said communications between the device and the server are conducted on an encrypted basis.
  - 18. The system of claim 16, wherein said one-time request-authentication datum comprises a function of an encryption key.
  - 19. The system of claim 16, wherein said one-time response-authentication datum comprises a function of an encryption key.

12. A method for enhancing trust in transmission of a resynchronization request from a client device, comprising:
- (a) supplying a one-time password; and
  
  (b) supplying at least one one-time request authentication datum comprising a function of at least a portion of a previous response from a trusted server to a request from the device.

14. A method for enhancing trust in transmission of a resynchronization response from a trusted server, comprising:
- (a) receiving a request comprising a one-time password associated with a client device; and
  
  (b) supplying at least one one-time response-authentication datum comprising a function of at least a portion of at least one one-time password.

16. A system for enhancing trust in communications between a client device and a trusted server, comprising:
- (a) means for establishing a network connection between the client device and the server; and
  
  (b) means for conducting communications of data with the client device over the network connection, wherein said communications between the device and the server are conducted in accordance with a method comprising;
  
  (i) generating a one-time password for use in communication from the device to the server;
  
  (ii) generating at least one one-time request-authentication datum comprising a function of at least a portion of a previous response from the server to a previous request from the device; and
  
  (iii) generating at least one one-time response-authentication datum comprising a function of at least a portion of at least one one-time password.

20. A system for enhancing trust in communicating a data request from a client device, comprising:
- (a) means for establishing a network connection between the client device and a trusted server; and
  
  (b) means for conducting communications of data with the client device over the network connection, wherein said communications between the device and the server are conducted in accordance with a method comprising;
  
  (i) generating a one-time password; and
  
  (ii) generating at least one one-time request-authentication datum comprising a function of at least a portion of a previous response from a trusted server to a previous request from the device.
- View Dependent Claims (21, 22, 24, 25, 26, 27, 28, 30)
- - 21. The system of claim 20, further comprising (a) an encryption algorithm, and (b) means for downloading said encryption algorithm to the client computer over said network connection, wherein said means for conducting communications of data with the client computer over the network connection is in accordance with said encryption algorithm and wherein said communications between the device and the server are conducted on an encrypted basis.
  - 22. The system of claim 20, wherein said one-time request-authentication datum comprises a function of an encryption key.
  - 24. The system of claim 23, further comprising (a) an encryption algorithm, and (b) means for downloading said encryption algorithm to the client computer over said network connection, wherein said means for conducting communications of data with the client computer over the network connection is in accordance with said encryption algorithm and wherein said communications between the device and the server are conducted on an encrypted basis.
  - 25. The system of claim 23, wherein said one-time response-authentication datum comprises a function of an encryption key.
  - 26. The system of claim 23, wherein said request comprises an encrypted secret datum, wherein said server decrypts said encrypted secret datum to recover said secret datum.
  - 27. The system of claim 26, wherein a subsequent request comprises a function of at least a portion of at least one one-time password comprising at least a portion of at least one secret datum.
  - 28. The method of claim 23, wherein the one-time password comprised within the request is used by the server to locate an entry in its database corresponding to the particular client device.
  - 30. The system of claim 29, further comprising (a) an encryption algorithm, and (b) means for downloading said encryption algorithm to the client computer over said network connection, wherein said means for conducting communications of data with the client computer over the network connection is in accordance with said encryption algorithm and wherein said communications between the device and the server are conducted on an encrypted basis.

23. A system for enhancing trust in communicating a response from a request from a client device to a trusted server, comprising:
- (a) means for establishing a network connection between the client device and the server; and
  
  (b) means for conducting communications of data with the client device over the network connection, wherein said communications between the device and the server are conducted in accordance with a method comprising;
  
  (i) receiving a request comprising a function of at least a portion of at least one one-time password shared between the device and said server; and
  
  (ii) generating at least one one-time response-authentication datum comprising a function of at least a portion of at least one one-time password.

29. A system for resynchronizing communication between a client device and a trusted server, comprising:
- (a) means for establishing a network connection between the client device and the server; and
  
  (b) means for conducting communications of data with the client device over the network connection, wherein said communications between the device and the server are conducted in accordance with a method comprising;
  
  (i) supplying a one-time password for use in communication from the device to the server;
  
  (ii) supplying at least one one-time request-authentication datum comprising a function of at least a portion of a previous response from the server to a previous request from the device; and
  
  (iii) supplying at least one one-time response-authentication datum comprising a function of at least a portion of at least one one-time password.

31. A system for enhancing trust in transmission of a resynchronization request from a client device, comprising:
- (a) means for establishing a network connection between the client device and a trusted server; and
  
  (b) means for conducting communications of data with the client device over the network connection, wherein said communications between the device and the server are conducted in accordance with a method comprising;
  
  (i) supplying a one-time password; and
  
  (ii) supplying at least one one-time request authentication datum comprising a function of at least a portion of a previous response from the server to a request from the device.
- View Dependent Claims (32, 33, 35, 36)
- - 32. The system of claim 31, further comprising (a) an encryption algorithm, and (b) means for downloading said encryption algorithm to the client computer over said network connection, wherein said means for conducting communications of data with the client computer over the network connection is in accordance with said encryption algorithm and wherein said communications between the device and the server are conducted on an encrypted basis.
  - 33. The system of claim 31, wherein said resynchronization request comprises an encrypted resynchronization datum that replaces a previous resynchronization datum.
  - 35. The system of claim 34, further comprising (a) an encryption algorithm, and (b) means for downloading said encryption algorithm to the client computer over said network connection, wherein said means for conducting communications of data with the client computer over the network connection is in accordance with said encryption algorithm and wherein said communications between the device and the server are conducted on an encrypted basis.
  - 36. The system of claim 34, wherein said resynchronization response comprises an encrypted resynchronization datum that replaces a previous resynchronization datum.

34. A system for enhancing trust in transmission of a resynchronization response from a trusted server, comprising:
- (a) means for establishing a network connection between a client device and the server; and
  
  (b) means for conducting communications of data with the client device over the network connection, wherein said communications between the device and the server are conducted in accordance with a method comprising;
  
  (i) receiving a request comprising a one-time password associated with a client device; and
  
  (ii) supplying at least one one-time response-authentication datum comprising a function of at least a portion of at least one one-time password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Power Medical Interventions, Inc. (Medtronic Plc), Wave Systems Corporation
Original Assignee
Power Medical Interventions, Inc. (Medtronic Plc)
Inventors
William Kravitz, David

Application Number

US10/010,995
Publication Number

US 20020087860A1
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/445   by mutual authentication, e...

G06F 2221/2129   Authenticate client device ...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0442   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0838   using one-time-passwords

H04L 63/123   received data contents, e.g...

H04L 9/0877   using additional device, e....

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3228   One-time or temporary data,...

H04L 9/3271   using challenge-response

Cryptographic data security system and method

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

54 Citations

36 Claims

Specification

Use Cases

Quick Links

Others

Cryptographic data security system and method

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

36 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others