Username Based Key Exchange
First Claim
1. A computer-implemented method comprising:
- sending first authentication data including a first random string in response to a request;
- receiving a response to the first authentication data, the response including a second authentication data that includes a second random string and a username; and
- generating a master secret based on the first authentication data and the second authentication data.
1 Assignment
0 Petitions
Abstract
A method and apparatus for a system and process for sharing a secret over an unsecured channel in conjunction with an authentication system. A client computes a message authentication code based on a hashed password value and a first random string received from the server. The client sends a response to the server that includes authentication data including a second random string. Both the client and server concatenate the first random string, second random string and username. These values are processed to generate a shared master secret, from which further shared secrets or keys are generated to establish a secured communication channel between the client and server. The secured communication can be based on stateless messaging, where the decryption key associated with a message is identified by the message authentication code placed within the message.
140 Citations
23 Claims
1. A computer-implemented method comprising:
- sending first authentication data including a first random string in response to a request;
- receiving a response to the first authentication data, the response including a second authentication data that includes a second random string and a username; and
- generating a master secret based on the first authentication data and the second authentication data.
View Dependent Claims (2, 3, 4, 5)

6. A computer readable storage medium, having instructions stored therein, which when executed, cause a computer to perform a set of operations comprising:
- sending first authentication data including a first random string in response to a request;
- receiving a response to the first authentication data, the response including a second authentication data that includes a second random string and a username; and
- generating a master secret based on the first authentication data and the second authentication data.
View Dependent Claims (7, 8, 9, 10)

11. A computer-implemented method comprising:
- receiving first authentication data including a first random string;
- sending a response to the first authentication data, the response including a second authentication data that includes a second random string and a username; and
- generating a master secret based on the first authentication data and the second authentication data.
View Dependent Claims (12, 13, 14, 15)

16. A computer readable storage medium, having instructions stored therein, which when executed, cause a computer to perform a set of operations comprising:
- receiving first authentication data including a first random string;
- sending a response to the first authentication data, the response including a second authentication data that includes a second random string and a username; and
- generating a master secret based on the first authentication data and the second authentication data.
View Dependent Claims (17, 18, 19, 20)

21. A system comprising:
- a processor;
- a memory coupled to the processor;
- an authentication module coupled to the processor to authenticate a client based on a correspondence between a username and media authentication code; and
- a secure communication module to generate a master secret for a secure communication protocol based on the username and a first random string from a server.
View Dependent Claims (22, 23)
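The exchange described in the abstract and in independent claims 1, 11 and 21, written out as an added example (not code from the patent or its assignee). It assumes SHA-256/HMAC-SHA-256 as the hash and MAC, since the page names neither, and it keys the master-secret derivation with the hashed password: the page only says the two random strings and the username are concatenated and processed, and a secret computed from those three public values alone would be reproducible by anyone watching the channel.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha256  # assumption: the page does not name a hash function


def hash_password(password: str) -> bytes:
    """Hashed password value; the server stores this as the user's verifier."""
    return HASH(password.encode()).digest()


def server_challenge() -> bytes:
    """First authentication data: a fresh random string chosen by the server."""
    return os.urandom(16)


def client_response(username: str, password: str, first_random: bytes) -> dict:
    """Second authentication data: a second random string, the username, and a
    MAC over the server's random string keyed with the hashed password."""
    hp = hash_password(password)
    second_random = os.urandom(16)
    mac = hmac.new(hp, first_random, HASH).digest()
    return {"username": username, "second_random": second_random, "mac": mac}


def derive_master_secret(hp, first_random, second_random, username):
    """Both sides concatenate first random, second random and username.
    Assumption: the hashed password keys this step; if only the three public
    values were hashed, a passive observer could compute the same secret."""
    return hmac.new(hp, first_random + second_random + username.encode(), HASH).digest()


def server_accept(verifiers: dict, first_random: bytes, resp: dict, sessions: dict):
    """Verify the MAC against the stored verifier, derive the master secret and
    index it by the MAC so a later stateless message can name its key by
    carrying that MAC. Returns the secret, or None if authentication fails."""
    hp = verifiers.get(resp["username"])
    if hp is None:
        return None
    expected = hmac.new(hp, first_random, HASH).digest()
    if not hmac.compare_digest(expected, resp["mac"]):
        return None
    secret = derive_master_secret(hp, first_random, resp["second_random"], resp["username"])
    sessions[resp["mac"]] = secret
    return secret


def run_exchange(verifiers: dict, username: str, password: str, sessions: dict):
    """One full round trip; returns (client_secret, server_secret, mac) or None."""
    r1 = server_challenge()
    resp = client_response(username, password, r1)
    server_secret = server_accept(verifiers, r1, resp, sessions)
    if server_secret is None:
        return None
    client_secret = derive_master_secret(hash_password(password), r1, resp["second_random"], username)
    return client_secret, server_secret, resp["mac"]
```

After a successful run, `sessions[mac]` is the key a stateless message would be decrypted with once the MAC it carries has been looked up.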
Specification