Personal authentication device and system and method thereof
Abstract
The present invention provides a flexible, tamper-resistant authentication system, or personal authentication device (PAD), which can support applications in authentication, authorization and accounting. The PAD stores at least one public key associated with a certificate authority (CA) and receives one or more digital certificates, which may be authenticated based on the stored CA public keys. The PAD outputs a service key that, depending on the application, may be used to gain access to a controlled space, obtain permission for taking a certain action, or receive some service. The operation of the PAD and the nature of the service key may be determined by digital certificates that it receives during operation. Finally, using a stored PAD private key that is kept secret, the PAD may perform a variety of security-related tasks, including authenticating itself to a user, signing service keys that it produces, and decrypting content on received digital certificates.
57 Claims
1. A personal authentication device (PAD) comprising:
at least one storage medium storing at least one CA public key, each public key associated with a certificate authority (CA);
one or more input means for receiving one or more digital certificates;
a processing component for authenticating the one or more received digital certificates using the at least one stored CA public key, and generating at least one service key based on the one or more authenticated digital certificates; and
an output means for outputting at least one service key.
Dependent claims: 2-30.

31. An authentication method comprising:
storing on a personal authentication device (PAD) at least one CA public key, each public key associated with a certificate authority (CA);
receiving one or more digital certificates;
authenticating the one or more received digital certificates using the at least one stored CA public key;
generating at least one service key based on the one or more authenticated digital certificates; and
outputting the at least one service key.
Dependent claims: 32-57.

Specification