Mutual authentication between two parties using two consecutive one-time passwords
Abstract
A communication system and method are configured for mutual authentication between two parties. In one embodiment a first party generates a first one-time password and sends it to a second party. The second party authenticates the first party by generating a one-time password using the same algorithm, secrets and parameters and matching it with the received first one-time password. If the received first one-time password matches with a generated password, the second party generates a consecutive one-time password, and sends it to the first party. The first party authenticates the consecutive one-time password by generating a one-time password consecutive to the first one-time password and matching with the received consecutive one-time password. If they match, the mutual authentication is completed successfully.
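The exchange described in the abstract, as an added example that is not taken from the patent: it assumes RFC 4226 HOTP with a shared secret and counter as the one-time password algorithm (the page does not name one), and the `Server` and `Client` classes and their method names are hypothetical.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP, used here as the assumed one-time password algorithm."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class Server:
    def __init__(self):
        self.users = {}  # unique identifier -> [shared secret, next counter]

    def enroll(self, user_id, secret, counter=0):
        self.users[user_id] = [secret, counter]

    def login(self, user_id, first_otp):
        """Verify the first OTP; on success return the consecutive OTP, else None."""
        record = self.users.get(user_id)
        if record is None:
            return None
        secret, counter = record
        if not hmac.compare_digest(hotp(secret, counter), first_otp):
            return None
        record[1] = counter + 2  # both passwords expire once the reply is issued
        return hotp(secret, counter + 1)


class Client:
    def __init__(self, user_id, secret, counter=0):
        self.user_id, self.secret, self.counter = user_id, secret, counter

    def first_message(self):
        return self.user_id, hotp(self.secret, self.counter)

    def verify_server(self, second_otp):
        """Authenticate the server by recomputing the consecutive OTP."""
        ok = hmac.compare_digest(hotp(self.secret, self.counter + 1), second_otp)
        if ok:
            self.counter += 2  # expire both passwords on the client side too
        return ok
```

If the server's reply is lost, its counter is two ahead of the client's, so a deployment needs a resynchronisation policy; none is shown here.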
32 Claims
1. A method for authentication, the method comprising:
receiving a unique identifier associated with a user and a first one-time password, the first one-time password being generated using a first cryptographic algorithm;
authenticating the user based on the unique identifier and the first one-time password;
generating, in response to the user being authenticated, a second one-time password using a second cryptographic algorithm, the second cryptographic algorithm being associated with the first cryptographic algorithm; and
transmitting, in response to the user being authenticated, the second one-time password to the user, the first and second one-time passwords expiring after the second one-time password being transmitted to the user.
9. A method for authentication, the method comprising:
generating a first one-time password using a first cryptographic algorithm;
transmitting the first one-time password and a unique identifier associated with a user to a server;
receiving a second one-time password from the server, the second one-time password being generated using a second cryptographic algorithm, the second cryptographic algorithm being associated with the first cryptographic algorithm; and
authenticating the server based on the second one-time password, the first and second one-time passwords expiring after authenticating the server.
17. An electronic communication apparatus comprising:
a processor and a memory structured to store instructions executable by the processor, the instructions corresponding to;
receiving a unique identifier associated with a user and a first one-time password, the first one-time password being generated using a first cryptographic algorithm;
authenticating the user based on the unique identifier and the first one-time password;
generating, in response to the user being authenticated, a second one-time password using a second cryptographic algorithm, the second cryptographic algorithm being associated with the first cryptographic algorithm; and
transmitting, in response to the user being authenticated, the second one-time password to the user, the first and second one-time passwords expiring after the second one-time password being transmitted to the user.
21. An electronic communication apparatus comprising:
a processor and a memory structured to store instructions executable by the processor, the instructions corresponding to;
generating a first one-time password using a first cryptographic algorithm;
transmitting the first one-time password and a unique identifier associated with a user to a server;
receiving a second one-time password from the server, the second one-time password being generated using a second cryptographic algorithm, the second cryptographic algorithm being associated with the first cryptographic algorithm; and
authenticating the server based on the second one-time password, the first and second one-time passwords expiring after authenticating the server.
25. A computer program product for use in conjunction with a computer system, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism including:
instructions for receiving a unique identifier associated with a user and a first one-time password, the first one-time password being generated using a first cryptographic algorithm;
instructions for authenticating the user based on the unique identifier and the first one-time password;
instructions for generating, in response to the user being authenticated, a second one-time password using a second cryptographic algorithm, the second cryptographic algorithm being associated with the first cryptographic algorithm; and
instructions for transmitting, in response to the user being authenticated, the second one-time password to the user, the first and second one-time passwords expiring after the second one-time password being transmitted to the user.
29. A computer program product for use in conjunction with a computer system, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism including:
instructions for generating a first one-time password using a first cryptographic algorithm;
instructions for transmitting the first one-time password and a unique identifier associated with a user to a server;
instructions for receiving a second one-time password from the server, the second one-time password being generated using a second cryptographic algorithm, the second cryptographic algorithm being associated with the first cryptographic algorithm; and
instructions for authenticating the server based on the second one-time password, the first and second one-time passwords expiring after authenticating the server.
Specification