CHALLENGE RESPONSE-BASED DEVICE AUTHENTICATION SYSTEM AND METHOD
Abstract
A challenge response scheme authenticates a requesting device by an authenticating device. The authenticating device generates and issues a challenge to the requesting device. The requesting device combines the challenge with a hash of a password provided by a user, and the combination is further hashed in order to generate a requesting encryption key used to encrypt the user-supplied password. The encrypted user-supplied password is sent to the authenticating device as a response to the issued challenge. The authenticating device generates an authenticating encryption key by generating the hash of a combination of the challenge and a stored hash of an authenticating device password. The authenticating encryption key is used to decrypt the response in order to retrieve the user-supplied password. If the user-supplied password hash matches the stored authenticating device password hash, the requesting device is authenticated and the authenticating device is in possession of the password.
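The exchange described in the abstract, with both devices' steps, as an added example that is not code from the patent. SHA-256, concatenation as the "combination", the keystream XOR cipher, the single-use challenge and all function and class names are assumptions; the page names no algorithms.

```python
import hashlib
import hmac
import secrets

def H(data: bytes) -> bytes:
    """Hash function. SHA-256 is an assumption; the page names none."""
    return hashlib.sha256(data).digest()

def derive_key(challenge: bytes, pw_hash: bytes) -> bytes:
    """Key = hash of (challenge combined with password hash); concatenation assumed."""
    return H(challenge + pw_hash)

def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with SHA-256(key || counter) blocks.
    A deployment would use a vetted authenticated cipher instead."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = H(key + (i // 32).to_bytes(4, "big"))
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def make_response(challenge: bytes, password: str) -> bytes:
    """Requesting device: encrypt the user-supplied password under the derived key."""
    pw = password.encode()
    return stream_xor(derive_key(challenge, H(pw)), pw)

class Authenticator:
    """Authenticating device: holds only the stored password hash."""
    def __init__(self, stored_hash: bytes):
        self.stored_hash = stored_hash
        self.challenge = None

    def issue_challenge(self) -> bytes:
        self.challenge = secrets.token_bytes(16)  # fresh for every connection request
        return self.challenge

    def verify(self, response: bytes):
        """Return the recovered password on a match, otherwise None."""
        if self.challenge is None:
            return None
        key = derive_key(self.challenge, self.stored_hash)
        self.challenge = None  # assumption: a challenge is accepted once only
        candidate = stream_xor(key, response)
        # Authenticate by comparing hash(decrypted value) with the stored hash.
        if hmac.compare_digest(H(candidate), self.stored_hash):
            return candidate.decode()
        return None
```

The receiving key is computed from the challenge and the stored hash alone, so the stored hash is sufficient to decrypt any response to an observed challenge and needs the same protection as the password itself.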
23 Claims
1. A method, implemented at a transmitting device, for transmitting a secret value to a receiving device, the receiving device being provided with a hash of a previously stored value and with a challenge value, the method comprising:
- receiving the challenge value from the receiving device;
- generating a hash of the secret value;
- combining the challenge value with the hash of the secret value;
- defining a key comprising a hash of a combination of the challenge value and the hash of the secret value;
- generating a response comprising the key and the secret value;
- transmitting the response to the receiving device, such that the receiving device can determine the secret value from the response using a receiving key, the receiving key comprising a hash of a combination of the challenge value and the hash of the previously stored value.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A computing device program product comprising a computer-readable medium embodying code operative, when implemented on a computing device, to:
- receive a challenge value from a receiving device, the receiving device being provided with the challenge value and a hash of a previously stored value;
- generate a hash of the secret value;
- combine the challenge value with the hash of the secret value;
- define a key comprising a hash of a combination of the challenge value and the hash of the secret value;
- generate a response comprising the key and the secret value;
- transmit the response to the receiving device, such that the receiving device can determine the secret value using a receiving key, the receiving key comprising a hash of a combination of the challenge value and the hash of the previously stored value.
Dependent claims: 11

12. A system for transmitting a secret value to a receiving device, the system comprising:
- a user interface for receiving the secret value;
- a communication module for receiving a challenge value from the receiving device and for transmitting a response to the receiving device;
- a hash generator for generating a hash of the secret value;
- a key generator for generating a key comprising a hash of a combination of the challenge value and the hash of the secret value;
- a response generator for generating the response, the response comprising the key and the secret value, such that the receiving device, upon receipt of the response from the communication module, can determine the secret value using a receiving key comprising a hash of a combination of the challenge value and the hash of a previously stored value.
Dependent claims: 13, 14, 15

16. A system for transmitting a secret value to a receiving device, comprising:
- a transmitting device comprising:
  - a communication module for receiving a challenge value from the receiving device and for transmitting a response to the receiving device;
  - a hash generator for generating a hash of the secret value;
  - a key generator for generating a key comprising a hash of a combination of the challenge value and the hash of the secret value; and
  - a response generator for generating the response, the response comprising the key and the secret value, and
- a receiving device comprising:
  - a memory for storing a previously stored value;
  - a challenge generator for generating the challenge value,
  - a communication module for transmitting the challenge value to the transmitting device and receiving the response from the transmitting device;
  - a hash generator for generating a receiving key by hashing a combination of the challenge value and a hash of the previously stored value; and
  - a decryptor for determining, using the receiving key, the secret value from the response received from the transmitting device.
Dependent claims: 17, 18, 19, 21, 22, 23

20. A method for authentication of a requesting device by an authenticating device, the method comprising the authenticating device:
- detecting a connection request by the requesting device,
- transmitting a challenge to the requesting device;
- receiving a response from the requesting device, the response comprising a requesting key determined by carrying out a hash operation on a combination of the challenge and a hash of a secret value;
- defining an authenticating key by carrying out the hash operation on a combination of the challenge and a hash of a previously stored value;
- using the authenticating key to obtain a further value from the response and carrying out the hash operation on the further value;
- comparing the hash of the further value with the hash of the previously stored value to authenticate the requesting device when the comparison indicates a match.

Specification