Human input security codes
First Claim
1. One or more computer readable media having computer executable instructions, that when implemented, perform a method for generating a security code for communication by a human user to a device, the method comprising:
- a) generating a hash value based on a combination of a modifier and a first data value;
b) modifying the modifier;
c) repeating the operations of generating a hash value and modifying the modifier until a termination condition;
d) selecting a second hash value from the plurality of hash values;
e) generating a first hash value based on a combination of the modifier associated with the selected second hash value and a second data value; and
f) generating a security code for communication by the human user of the first device, the security code containing at least a portion of the first hash value.
2 Assignments
0 Petitions
Accused Products
Abstract
The hash extension technique used to generate an ECGA may be used to increase the strength of one-way hash functions and/or decrease the number of bits in any situation where some external requirement limits the number of hash bits, and that limit is below what is (or may be in the future) considered secure against brute-force attacks. For example, to decrease the length of human entered security codes (and maintain the same security), and/or to increase the strength of a human entered security code (and maintain the length of the security code), the security code may be generated and/or authenticated using an extended hash method.
174 Citations
20 Claims
-
1. One or more computer readable media having computer executable instructions, that when implemented, perform a method for generating a security code for communication by a human user to a device, the method comprising:
-
a) generating a hash value based on a combination of a modifier and a first data value;
b) modifying the modifier;
c) repeating the operations of generating a hash value and modifying the modifier until a termination condition;
d) selecting a second hash value from the plurality of hash values;
e) generating a first hash value based on a combination of the modifier associated with the selected second hash value and a second data value; and
f) generating a security code for communication by the human user of the first device, the security code containing at least a portion of the first hash value. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method comprising:
-
a) computing a plurality of hash values using a second hash function until a termination condition, an input for each hash value in the plurality of hash values including a data value and a modifier;
b) selecting a second hash value from the plurality of hash values;
c) computing a first hash value using a first hash function, the input to the first hash function including a concatenation of the data value and the modifier of the selected second hash value, the first hash value being different from the second hash value; and
d) setting at least a portion of a security code to a portion of the first hash value, the security code being usable by a human user to authenticate the data value to a device. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method of authenticating a data value, the method comprising:
-
a) obtaining the data value;
b) receiving a security code as human input;
c) computing a first hash value of the data value;
d) comparing at least a portion of the first hash value with at least a portion of the security code;
e) computing a second hash value of the data value; and
f) checking that the second hash value belongs to a set of acceptable hash values.
-
-
20. The method of claim 26, further comprising:
-
g) decoding a hash indicator from a portion of the security code;
h) determining the set of acceptable hash values from the hash indicator.
-
Specification