System and method for acoustic two factor authentication
Abstract
A hand-held token can be operated to generate an acoustic or other wireless signal representing a digital signature produced from the private key of a public key/private key pair, with the public key being confidential in that it is known only to authorized entities, such as bank computers. The signal from the token can be received by, e.g., a receiver at a bank ATM that also requires a PIN for account access. The user enters the PIN into the ATM, and the ATM encrypts the signal from the token with the PIN and sends it on to the bank computer over a link that need not be secure, since even if the PIN is guessed there is no way to verify that it is the correct PIN without also knowing the confidential public key held by the bank computer.
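The flow described in the abstract, sketched as an added example that is not taken from the patent or its specification. Assumptions not stated on this page: toy textbook RSA built from constructed primes, a SHAKE-256 XOR keystream as the PIN cipher, a 4-digit PIN, and a signed message that travels in clear next to the encrypted signature.

```python
import hashlib

# Toy textbook RSA from two Mersenne primes: constructed for illustration, not secure.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                     # (N, E) stands in for the confidential public key
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent, held only by the token
SIG_LEN = (N.bit_length() + 7) // 8     # fixed signature length in bytes

def digest(msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def token_sign(msg: bytes) -> bytes:
    """Token: sign the message with the private key."""
    return pow(digest(msg), D, N).to_bytes(SIG_LEN, "big")

def pin_xor(data: bytes, pin: str, msg: bytes) -> bytes:
    """Receiver: PIN-keyed XOR keystream with no MAC or padding (assumed cipher).
    The same call encrypts and decrypts."""
    stream = hashlib.shake_256(pin.encode() + msg).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def bank_verify(msg: bytes, blob: bytes, pin: str) -> bool:
    """Authorizing computer: undo the PIN layer, then check the signature."""
    sig = int.from_bytes(pin_xor(blob, pin, msg), "big")
    return sig < N and pow(sig, E, N) == digest(msg)

def pins_that_verify(msg: bytes, blob: bytes) -> list:
    """Exhaustive 4-digit search; it only has an oracle if (N, E) is known."""
    return [f"{g:04d}" for g in range(10000) if bank_verify(msg, blob, f"{g:04d}")]

if __name__ == "__main__":
    msg = b"constructed-message|ts=1700000000|nonce=42"   # constructed sample input
    blob = pin_xor(token_sign(msg), "4831", msg)          # what crosses the insecure link
    print(bank_verify(msg, blob, "4831"), bank_verify(msg, blob, "0000"))
    print(pins_that_verify(msg, blob))
```

Because the PIN layer carries no integrity check, every PIN guess decrypts the captured blob to an equally plausible signature-length value. Only a party holding (N, E) can tell which guess is correct, so the scheme's resistance to offline PIN guessing rests entirely on keeping that key confidential.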
22 Claims
1. A method for authentication, comprising:
- providing at least a PIN and a confidential public key to an authorizing computer;
- establishing a communication link between the authorizing computer and at least one receiver remote from the computer, the communication link not being constrained to be secure;
- receiving, at the receiver, at least one acoustic signal representative of at least one private key-generated signal, the receiver transforming the acoustic signal to a signature signal;
- receiving, at the receiver, the PIN, the PIN being received separately from the acoustic signal;
- encrypting the signature signal with the PIN to render an encrypted signature signal; and
- sending the encrypted signature signal to the authorizing computer for verification of the signature using the PIN and confidential public key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A system for two-factor authentication over a link not constrained to be secure, comprising:
- at least one portable token generating at least one wireless signal representing a digitally signed message;
- at least one receiver receiving the wireless signal and a PIN, the PIN being received separately from the wireless signal, the receiver encrypting the signed message with the PIN to render an encrypted signed message; and
- at least one authorizing computer receiving at least the encrypted signed message over the link, the authorizing computer accessing the PIN and a confidential public key to attempt to verify the signed message.
Dependent claims: 10, 11, 12, 22
13. A system for authentication including an authorizing computer accessing at least a PIN and a confidential public key and communicating over a link with at least one receiver remote from the computer, the communication link not being constrained to be secure, the system comprising:
- means for receiving, at the receiver, at least one wireless signal representative of at least one digital signature produced from a private key, the receiver transforming the wireless signal to a signature signal;
- means for receiving, at the receiver, the PIN; and
- means for encrypting the signature signal with the PIN to render an encrypted signature signal, wherein the encrypted signature signal is sent to the authorizing computer over the link for verification of the signature using the PIN and confidential public key.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21
Specification