System and method for authentication seed distribution
Abstract
In one embodiment of a user authentication system and method according to the invention, a device shares a secret, referred to as a master seed, with a server. The device and the server both derive one or more secrets, referred to as verifier seeds, from the master seed, using a key derivation function. The server shares a verifier seed with one or more verifiers. The device, or an entity using the device, can authenticate with one of the verifiers using the appropriate verifier seed. In this way, the device and the verifier can share a secret, the verifier seed for that verifier, without that verifier knowing the master seed, or any other verifier seeds. Thus, the device need only store the one master seed, have access to the information necessary to correctly derive the appropriate seed, and have seed derivation capability. A verifier cannot compromise the master seed, because the verifier does not have access to the master seed.
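The derivation and isolation property described in the abstract can be sketched as follows. This is an added example, not code from the patent: the abstract does not name a key derivation function or an authentication protocol, so HMAC-SHA256 as the KDF, the challenge-response step, and all function, class and verifier names are assumptions.

```python
import hashlib
import hmac
import secrets


def derive_verifier_seed(master_seed: bytes, verifier_info: str) -> bytes:
    # Assumed KDF: HMAC-SHA256 keyed with the master seed over a fixed label
    # plus the verifier's information. One-way, so a verifier seed reveals
    # neither the master seed nor any sibling verifier seed.
    label = b"verifier-seed\x00" + verifier_info.encode("utf-8")
    return hmac.new(master_seed, label, hashlib.sha256).digest()


def auth_response(seed: bytes, challenge: bytes) -> bytes:
    # Assumed authentication step: keyed MAC over a verifier-chosen challenge.
    return hmac.new(seed, challenge, hashlib.sha256).digest()


class Device:
    """Stores only the master seed; derives each verifier seed on demand."""
    def __init__(self, master_seed: bytes):
        self._master_seed = master_seed

    def respond(self, verifier_info: str, challenge: bytes) -> bytes:
        seed = derive_verifier_seed(self._master_seed, verifier_info)
        return auth_response(seed, challenge)


class Verifier:
    """Receives only its own derived seed from the server."""
    def __init__(self, info: str, verifier_seed: bytes):
        self.info = info
        self._seed = verifier_seed

    def challenge(self) -> bytes:
        return secrets.token_bytes(16)

    def check(self, challenge: bytes, response: bytes) -> bool:
        expected = auth_response(self._seed, challenge)
        return hmac.compare_digest(expected, response)


def provision(master_seed: bytes, verifier_infos: list[str]) -> dict[str, Verifier]:
    # Server side: derive and hand out one seed per verifier.
    return {i: Verifier(i, derive_verifier_seed(master_seed, i)) for i in verifier_infos}
```

A response computed for one verifier fails at every other verifier, which is the containment the abstract claims: compromise of a single verifier exposes only that verifier's seed.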
14 Claims
1. A method for distributing seed information associated with a device, comprising the steps of:
- generating a master seed associated with the device;
- deriving a derived seed using the master seed and information associated with a security system; and
- transmitting the derived seed to the security system.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

14-29. (canceled)
Specification