×

Authentication protocol

  • US 20050022020A1
  • Filed: 07/10/2003
  • Published: 01/27/2005
  • Est. Priority Date: 07/10/2003
  • Status: Active Grant
First Claim
Patent Images

1. An authentication protocol for increasing safety against a man-in-the-middle computer access attack for point-to-point communication, between a client computer and a server, to services in at least one of a network for data and telecommunication utilizing a challenge-response pattern, comprising:

  • transmitting through a client computer an authentication request containing a clients username to a server providing said services, said server identifying said client computer IP address and a client password accessible by the server through the transmitted username;

    said server responding with an N byte nonce numerical value;

    said client computer utilizing a hash algorithm to compute a hash value of at least the parameters clients password, client computer unique IP address, server unique IP address, and said nonce value;

    transmitting said hash value through said client computer as an authenticator for accessing said services; and

    said server reproducing said authenticator by utilizing said hash algorithm and the parameters clients accessible password, client computer unique IP address, server unique IP address, and said nonce value, comparing the reproduction with the transmitted authenticator, and granting an access to said server and services if said reproduced authenticator matches said transmitted, thus by utilizing said client computer unique IP address and said server unique IP address in said authenticator preventing a man-in-the-middle computer, having a different IP address, from addressing said server with a matching authenticator.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×