Challenge response system and method
Abstract
A challenge response scheme includes the authentication of a requesting device by an authenticating device. The authenticating device generates a challenge that is issued to the requesting device. The requesting device combines the challenge with a hash of a password provided by a user of the requesting device, and the combination of the hash of the password and the challenge is further hashed in order to generate a requesting encryption key that is used to encrypt the user supplied password. The encrypted user supplied password is sent to the authenticating device as a response to the issued challenge. The authenticating device generates an authenticating encryption key by generating the hash of a combination of the challenge and a stored hash of an authenticating device password. The authenticating encryption key is used to decrypt the response in order to retrieve the user-supplied password. If a hash of the user-supplied password matches the stored hash of the authenticating device password, then the requesting device has been authenticated and the authenticating device is in possession of the password.
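The exchange described in the abstract, as an added sketch in Python (not code from the patent). SHA-256 as the hash, concatenation as the "combination", a hash-counter XOR keystream standing in for the unspecified key-based cipher, and single-use challenges are assumptions, as are the names Authenticator, respond, derive_key and xor_stream.

```python
import hashlib
import hmac
import secrets

def h(data: bytes) -> bytes:
    """One-way hash operation (SHA-256 is an assumption; the page names no algorithm)."""
    return hashlib.sha256(data).digest()

def derive_key(challenge: bytes, password_hash: bytes) -> bytes:
    """Key = hash(challenge combined with hash(password)); 'combined' taken as concatenation."""
    return h(challenge + password_hash)

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in key-based cipher: SHA-256 counter keystream XOR (illustrative, unauthenticated)."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = h(key + (block // 32).to_bytes(4, "big"))
        out.extend(b ^ p for b, p in zip(data[block:block + 32], pad))
    return bytes(out)

def respond(challenge: bytes, user_password: str) -> bytes:
    """Requesting device: encrypt the typed password under the derived key."""
    pw = user_password.encode()
    return xor_stream(derive_key(challenge, h(pw)), pw)

class Authenticator:
    """Authenticating device: stores only hash(password), never the password."""

    def __init__(self, password: str):
        self.stored_hash = h(password.encode())
        self.challenge = None

    def issue_challenge(self) -> bytes:
        self.challenge = secrets.token_bytes(16)
        return self.challenge

    def verify(self, response: bytes):
        """Return the recovered password on success, None on failure."""
        if self.challenge is None:
            return None
        # Single use (an added assumption): a captured response cannot be replayed.
        challenge, self.challenge = self.challenge, None
        key = derive_key(challenge, self.stored_hash)
        candidate = xor_stream(key, response)
        # Constant-time comparison of hash(decrypted response) with the stored hash.
        if hmac.compare_digest(h(candidate), self.stored_hash):
            return candidate.decode()
        return None
```

Because the authenticating key is derived only from the challenge and the stored hash, the stored hash together with a captured challenge is enough to decrypt a response, so it needs the same protection as the password itself.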
21 Claims
2. The method of claim 1 further comprising the step of the authenticating device using the decrypted user password to carry out operations on the authenticating device.
11. A system for an authentication device to authenticate a requesting device, comprising:
a challenge generator for generating a challenge, a communications link for transmitting the challenge to the requesting device and receiving a response to the challenge from the requesting device, the response comprising a requesting password encrypted using a requesting encryption key, the requesting encryption key comprising a hash of a combination of the challenge and a hash of the requesting password;
a hash generator for generating an authenticating encryption key by hashing a combination of the challenge and a hash of a predetermined password;
a decryptor for decrypting the encrypted requesting password using the authenticating encryption key to obtain a decrypted response; and
a comparator for comparing a hash of the decrypted response with the hash of the predetermined password, whereby if the hash of the decrypted requesting password matches the hash of the predetermined password, the requesting device is authenticated.
14. A method for securely transmitting information to a receiving device, the receiving device being provided with a hash of the information, a random number, and a receiving encryption key comprising a hash of the random number and the hash of the information, comprising the steps of:
receiving a random number from the receiving device;
encoding the information to produce a hash of the information;
combining the random number with the hash of the information;
hashing the combined random number and hash of the information to produce a transmitting encryption key;
encrypting the information using the transmitting encryption key;
transmitting the encrypted information to the receiving device for decryption by the receiving device using the receiving encryption key.
15-1. A computing device program product comprising code operative to perform the method of claim 14.
16. A method for a requesting device to be authenticated by an authenticating device, the requesting device receiving a user password, the authenticating device being provided with a hash of a predetermined password, a random number, and a receiving encryption key comprising a hash of the random number and the hash of the predetermined password, comprising the steps of the requesting device:
receiving a random number from the authenticating device;
encoding the user password to produce a hash of the user password;
combining the random number with the hash of the user password;
hashing the combined random number and hash of the user password to produce a transmitting encryption key;
encrypting the user password using the transmitting encryption key;
transmitting the encrypted user password to the authenticating device for authentication by decryption by the authenticating device using the receiving encryption key.
16-2. A method for authentication of a requesting device by an authenticating device, the requesting device and the authenticating device each being operative to carry out a one-way hash operation and to carry out a key-based encryption operation, the authenticating device storing a hash of a defined password generated by applying the hash operation to the defined password, the authenticating device being further operative to carry out a key-based decryption operation for decrypting values obtained from the encryption operation, the method comprising the steps of the authenticating device:
determining and transmitting a challenge to the requesting device;
receiving a response from the requesting device, the response comprising a requesting encryption key determined by carrying out the hash operation on a combination of the challenge and a hash of a received user password, the hash being defined by carrying out the hash operation on the received user password, defining an authenticating encryption key by carrying out the hash operation on a combination of the challenge and the hash of the defined password;
using the authenticating encryption key in the decryption operation to decrypt the response to obtain a decrypted user password and carrying out the one-way hash operation on the decrypted user password;
comparing the hash of the decrypted user password with the hash of the defined password to authenticate the requesting device when the comparison indicates a match.
Specification