Systems and methods for password-based connection

US 20040073795A1
Filed: 10/10/2002
Published: 04/15/2004
Est. Priority Date: 10/10/2002
Status: Abandoned Application

First Claim

Patent Images

1. A cryptographic system that allows secure connection of two devices over an open network, comprising:

a first device;

a second device; and

a password and a shared key that are established in a cryptographic protocol between the first and second devices, which password is communicated in an out-of-band process by one or more users of the devices to selectively allow secure connection of the two devices.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Cryptographic systems and methods that allow secure connection of two devices over an open network, using passwords communicated in an out-of-band process. One-time versus static passwords, active versus passive models of user participation, and different combinations of password-input and password-output mechanisms may be employed. The present invention uses either a password agreement protocol or a zero-knowledge password proof to securely establish a shared password and a shared key between two parties, and incorporates explicit steps to insure that the user(s) of the system authenticates that the same password, and thus the same key, is used at both devices.

Citations

19 Claims

1. A cryptographic system that allows secure connection of two devices over an open network, comprising:
- a first device;
  
  a second device; and
  
  a password and a shared key that are established in a cryptographic protocol between the first and second devices, which password is communicated in an out-of-band process by one or more users of the devices to selectively allow secure connection of the two devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The cryptographic system recited in claim 1 wherein the password is established using a password agreement protocol.
  - 3. The cryptographic system recited in claim 1 wherein knowledge of the password is communicated using a zero-knowledge password proof.
  - 4. The cryptographic system recited in claim 3 wherein the zero-knowledge password proof comprises a password-authenticated key agreement protocol.
  - 5. The cryptographic system recited in claim 1 wherein the password is established using an ephemeral password agreement protocol.
  - 6. The cryptographic system recited in claim 1 wherein an Out-Out password device connection protocol is employed wherein the first and second devices use a password agreement protocol to establish a shared password and a shared key, each device displays the shared password to its respective user, each user is given an opportunity to check to see if the password matches the password displayed on the other device, after which each user accepts or rejects the password to selectively allow secure connection of the two devices.
  - 7. The cryptographic system recited in claim 6 wherein the first and second devices comprises a light-emitting diode (LED) display and a synchronized blinking pattern corresponding to the password is output on each device.
  - 8. The cryptographic system recited in claim 6 wherein the first and second devices comprises a speaker and a synchronized beeping pattern corresponding to the password is output on each device.
  - 9. The cryptographic system recited in claim 1 wherein an Out-In password device connection protocol is employed wherein the first and second devices use a password agreement protocol to establish a shared password and a shared key, the first device displays the shared password to its user who conveys the password to the second device, the password is entered into the second device, and the shared password is verified by the second device to allow secure connection of the two devices.
  - 10. The cryptographic system recited in claim 1 wherein an Out-In password device connection protocol is employed wherein the first and second devices use a password authenticated key agreement protocol to derive a shared key from a password, the first device displays the shared password to its user who conveys the password to the second device, the password is entered into the second device, and the shared password is verified to allow secure connection of the two devices.

11. A cryptographic method that allows secure connection of two devices over an open network, comprising the steps of:
- providing a first device;
  
  providing a second device;
  
  establishing a password in an out-of-band process between users of the first and second devices; and
  
  evaluating the password by the respective users to selectively allow secure connection of the two devices.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The cryptographic method recited in claim 11 wherein the password is established between the first device and the second device using a password agreement protocol.
  - 13. The cryptographic method recited in claim 11 wherein the password is evaluated and verified using a zero-knowledge password proof.
  - 14. The cryptographic method recited in claim 13 wherein the zero-knowledge password proof comprises a password-authenticated key agreement protocol.
  - 15. The cryptographic method recited in claim 11 wherein the password is established using an ephemeral password agreement protocol.
  - 16. The cryptographic method recited in claim 11 wherein an Out-Out password device connection protocol is employed which comprises the steps of:
    - using a password agreement protocol with the first and second devices to establish a shared password and a shared key;
      
      displaying the shared password to a respective user of each device;
      
      checking to see if the password displayed on one device matches the password displayed on the other device; and
      
      accepting or rejecting the password to selectively allow secure connection of the two devices.
  - 17. The cryptographic method recited in claim 16 wherein the step of displaying the shared password comprises the step of displaying a synchronized blinking pattern corresponding to the password on the first and second devices using a light-emitting diode (LED) display.
  - 18. The cryptographic method recited in claim 16 wherein the step of displaying the shared password comprises the step of outputting a synchronized sound corresponding to the password.
  - 19. The cryptographic method recited in claim 11 wherein an Out-In password device connection protocol is employed which comprises the steps of:
    - using a password agreement protocol with the first and second devices to establish a shared password and a shared key;
      
      displaying the shared password to a user of the first device;
      
      conveying the password to the second device;
      
      entering the password into the second device;
      
      verifying that the password displayed on the second device matches the password displayed on the first device; and
      
      accepting or rejecting the password to selectively allow secure connection of the two devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Phoenix Technologies Limited (Pharaoh Acquisition LLC)
Original Assignee
Phoenix Technologies Limited (Pharaoh Acquisition LLC)
Inventors
Jablon, David P.

Application Number

US10/268,160
Publication Number

US 20040073795A1
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

H04L 63/18   using different networks or...

H04L 9/0844   with user authentication or...

H04L 9/3218   using proof of knowledge, e...

H04W 12/06   Authentication

H04W 12/50   Secure pairing of devices

H04W 12/65   Environment-dependent, e.g....

H04W 84/18   Self-organising networks, e...

Systems and methods for password-based connection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for password-based connection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links