SECURE PASSWORD DISTRIBUTION TO A CLIENT DEVICE OF A NETWORK

US 20080141352A1
Filed: 12/11/2006
Published: 06/12/2008
Est. Priority Date: 12/11/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method for password distribution in a network comprising a client and a server, the method comprising:

the client creating a first nonce;

the client sending the first nonce, an initial username, and a network address of the client to the server;

the client receiving a second nonce and a password from the server; and

the client associating the password with an access username if the first nonce is the same as the second nonce.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A password is securely distributed to a client device of a network by sending a first encrypted message from the client device to a server of the network, the first message comprising a nonce created by the client device, a username of the client device, and a network address of the client device, then sending a second message from the server to the network address of the client device, the second message comprising the nonce created by the client device, and a password created by the server. If the client device verifies that the nonce received from the server matches the nonce sent to the server, the password and username may be used to enable to client device to access information on the server. The first encrypted message may be an HTTPS message and the second message may be an SMS message.

32 Citations

View as Search Results

20 Claims

1. A method for password distribution in a network comprising a client and a server, the method comprising:
- the client creating a first nonce;
  
  the client sending the first nonce, an initial username, and a network address of the client to the server;
  
  the client receiving a second nonce and a password from the server; and
  
  the client associating the password with an access username if the first nonce is the same as the second nonce.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A method in accordance with claim 1, wherein the access username is dependent upon the initial username.
  - 3. A method in accordance with claim 1, further comprising:
    - the client creating the initial username; and
      
      the client creating the access username.
  - 4. A method in accordance with claim 1, wherein the client sends the first nonce, the initial username and the network address to the server using a secure transfer.
  - 5. A method in accordance with claim 1, further comprising:
    - the server receiving the first nonce, the initial username, and the network address;
      
      the server creating the password; and
      
      the server sending the second nonce and the password to the client at the specified network address,wherein the second nonce is equal to the received first nonce.
  - 6. A method in accordance with claim 5, wherein the server sends the password and the second nonce using a messaging system.
  - 7. A method in accordance with claim 1, wherein the client comprises a portable telephone handset and the network address comprises a telephone number.

8. A portable device comprising:
- a nonce creation module operable to create a first nonce;
  
  a transfer module, operable to send to send the first nonce, an initial username and a network address of the portable device to a network server;
  
  a message module operable to receive a second nonce and a password from the network server;
  
  a nonce verification module operable compare the first nonce and the second nonce;
  
  an access username creation module, operable to create an access username dependent upon the network address and the initial username;
  
  a memory operable to store the access username and the password if the first nonce is the same as the second nonce.
- View Dependent Claims (9, 10, 11, 12)
- - 9. A portable device in accordance with claim 8, further comprising an initial username creation module operable to create the initial username.
  - 10. A portable device in accordance with claim 8, wherein the portable device comprises a telephone handset and the network address comprises a telephone number of the telephone handset.
  - 11. A portable device in accordance with claim 8, wherein the message module comprises a Small Message Service (SMS) module.
  - 12. A portable device in accordance with claim 8, wherein the transfer module comprises a HyperText Transfer Protocol (HTTP) module.

13. A sequence of messages for distributing a password to a client device of a network, the sequence comprising:
- a first message sent from the client device to a server of the network, the first message comprising;
  
  a nonce created by the client device;
  
  an initial username; and
  
  a network address of the client device; and
  
  a second message sent from the server to the network address of the client device, the second message comprising;
  
  the nonce created by the client device; and
  
  a password created by the server.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. A sequence of messages in accordance with claim 13, wherein the first message comprises a HyperText Transfer Protocol (HTTP) message.
  - 15. A sequence of messages in accordance with claim 13, wherein the first message comprises a HyperText Transfer Protocol (HTTP) message sent over a Secure Sockets Layer (SSL).
  - 16. A sequence of messages in accordance with claim 13, wherein the second message is sent using a Short Message Service (SMS).
  - 17. A sequence of messages in accordance with claim 13, further comprising:
    - a third message from the client device to the server of the network, the third message comprising an information request; and
      
      a fourth message from the server of the network to the client device, the fourth message comprising information.
  - 18. A sequence of messages in accordance with claim 17, wherein the third message from the client device to the server comprises an access username and the password.
  - 19. A sequence of messages in accordance with claim 17, wherein the third and fourth messages comprise HyperText Transfer Protocol (HTTP) messages sent over a Secure Sockets Layer (SSL).
  - 20. A sequence of messages in accordance with claim 19, wherein the access username is dependent on the initial username.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Messerges, Thomas S., Lindsley, Brett L.

Application Number

US11/608,966
Publication Number

US 20080141352A1
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/166   at the transport layer

H04L 63/168   above the transport layer

H04W 12/06   Authentication

SECURE PASSWORD DISTRIBUTION TO A CLIENT DEVICE OF A NETWORK

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

32 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

SECURE PASSWORD DISTRIBUTION TO A CLIENT DEVICE OF A NETWORK

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others