Security token

US 20050050330A1
Filed: 08/27/2003
Published: 03/03/2005
Est. Priority Date: 08/27/2003
Status: Abandoned Application

First Claim

Patent Images

1. A security token, comprising:

a one-time password mechanism, for rendering one-time password functionality;

a public-key mechanism, for rendering public-key functionality with respect to said one-time password functionality; and

communication means for connecting said security token to said host and for providing to said security token the power supply required for operating at least said public-key mechanism.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security token, a security system and a method for authenticating a client are disclosed. The security token including a one-time password mechanism, for rendering one-time password functionality; a public-key mechanism, for rendering public-key functionality with respect to the one-time password functionality; and wired communication means with a host, for connecting the security token to the host and for providing the security token the power supply required for operating at least the public-key mechanism, thereby enabling rendering one-time password functionality and/or public-key functionality by the security token.

96 Citations

View as Search Results

22 Claims

1. A security token, comprising:
- a one-time password mechanism, for rendering one-time password functionality;
  
  a public-key mechanism, for rendering public-key functionality with respect to said one-time password functionality; and
  
  communication means for connecting said security token to said host and for providing to said security token the power supply required for operating at least said public-key mechanism.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A security token according to claim 1, further comprising a display, for displaying at least said one-time password.
  - 3. A security token according to claim 1, further comprising a smartcard chip, for secure storage of keys and for rendering security-related functionality.
  - 4. A security token according to claim 1, wherein said one-time password mechanism comprise means for generating a one-time value, said means selected from a group comprising:
    - a real-time clock, and a counter.
  - 5. A security token according to claim 1, wherein said communication means is selected from a group comprising:
    - a display for displaying the password and thereafter manually providing the displayed value to a host, means for connecting said security token to said host via a wired connection, and means for connecting said security token to said host via a wireless connection.
  - 6. A security token according to claim 5, wherein said wired communication means further comprise means for providing a power supply to said security token.
  - 7. A security token according to claim 5, further comprising a chargeable power source, to be charged by the power supplied via said communication means, for providing the power for operating said security token while not connected to said host.

8. A one-time password security token, for securely providing a one-time value to a host system, said one-time password security token comprising:
- means for generating said one-time value;
  
  a public-key infrastructure mechanism, for performing public-key functionality with respect to said one-time value; and
  
  communication means for connecting said security token with said host and for providing said encrypted one-time value to said host.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. A one-time password security token according to claim 8, wherein said public-key functionality with respect to said one-time value is selected from a group comprising:
    - encrypting said one-time value by said public-key functionality, and digitally signing said one-time password.
  - 10. A one-time password security token according to claim 8, further comprising a display, for displaying at least the encrypted one-time value.
  - 11. A one-time password security token according to claim 8, further comprising a smartcard chip, for rendering security-related functionality.
  - 12. A one-time password security token according to claim 8, wherein said one-time value is selected from a group comprising:
    - the real-time, the value of a counter, and a group of random numbers.
  - 13. A one-time password security token according to claim 8, wherein said communication means is selected from a group comprising:
    - a display for displaying the password and thereafter manually providing the displayed value to said host, wired communication means with said host, wireless communication means with said host.
  - 14. A one-time password security token according to claim 11, wherein said wired communication means further comprise means for providing a power supply to said security token.
  - 15. A one-time password security token according to claim 8, further comprising a chargeable power source, to be charged by the power supplied by said communication means, for providing the power for operating said security token while not connected to said host.

16. A security system comprising:
- at least one security token comprising;
  
  a one-time password mechanism, for rendering one-time password functionality;
  
  a public-key mechanism, for rendering public-key functionality with respect to said one-time password functionality; and
  
  communication means for connecting said security token to said host and for providing to said security token the power supply required for operating at least said public-key mechanism;
  
  a host system, comprising;
  
  a one-time password mechanism, corresponding to the one-time password mechanism of said at least one security token, for rendering one-time password functionality;
  
  a public-key mechanism, corresponding to the public-key mechanism of said at least one security token, for rendering public-key functionality;
  
  communication means, corresponding to the communication means of said at least one security token, for communicating with said at least one security token and for providing to said token the power supply required for operating at least the public-key mechanism of said security token.
- View Dependent Claims (17, 18)
- - 17. A system according to claim 16, wherein said communication means is selected from a group comprising:
    - a display embedded within each of said at least one security token, for displaying the password and thereafter manually providing the displayed value to said host, wired communication means through which said at least one security token can be provided with the power supply required for performing public-key operations.
  - 18. A system according to claim 16, wherein each of said at least one security token further comprising chargeable power source, to be charged via the power supply provided by said communication means, for providing the power for operating said at least one processor while not connected to said host, thereby enabling to operate said security token without external power supply.

19. A method for authenticating a client by a host system, said method comprising:
- at said client side;
  
  (a) generating a first one-time value;
  
  (b) performing public-key functionality with respect to said one-time value;
  
  (c) providing said value to said host system;
  
  at said host system side;
  
  (d) performing public-key functionality which corresponds to the public key functionality performed at step (b) with the provided value;
  
  (e) generating a second one-time value in substantially the same manner as said first one-time value is generated;
  
  authenticating said client by the correspondence of said second value to said first value.
- View Dependent Claims (20, 21, 22)
- - 20. A method according to claim 19, wherein said public-key functionality with respect to said one-time value is selected from a group comprising:
    - encrypting said one-time value, and digitally signing said one-time value.
  - 21. A method according to claim 19, wherein said client is a security token.
  - 22. A method according to claim 19, wherein providing the encrypted value to said host is carried out by a member of a group comprising:
    - displaying said encrypted value at the client side and thereafter manually providing the displayed value to said host, means for connecting said security token to said host via a wired connection, and means for connecting said security token to said host via a wireless connection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aladdin Knowledge Systems Incorporated (Thales SA)
Original Assignee
Aladdin Knowledge Systems Incorporated (Thales SA)
Inventors
Agam, Leedor, Margalit, Yanki, Margalit, Dany

Application Number

US10/649,169
Publication Number

US 20050050330A1
Time in Patent Office

Days
Field of Search
US Class Current

713/172
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

G07F 7/1025   Identification of user by a...

G07F 7/1083   Counting of PIN attempts

Security token

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

96 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Security token

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

96 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links