TRUSTED NETWORK TRANSFER OF CONTENT USING OF NETWORK INPUT CODE

US 20100125896A1
Filed: 01/26/2010
Published: 05/20/2010
Est. Priority Date: 11/14/2003
Status: Active Grant

First Claim

Patent Images

1. A method implemented in a computing system for transmitting content from a first computing device to a second computing device in a network, comprising:

generating, by the first computing device without receiving user input, a trust code;

transporting the generated trust code from the first computing device to the second computing device, said transporting comprising displaying, by the first computing device, the generated trust code, and receiving, at the second computing device via a user interface, a trust code; and

performing an authentication exchange between the first computing device and the second computing device across the network, comprising;

receiving from the network at the first computing device the trust code received at the second computing device,at the first computing device comparing the received trust code to the generated trust code,when the received trust code does not have a pre-defined relationship with the generated trust code, determining at the first computing device the content is not trusted for delivery to the second computing device, andwhen the received trust code has a pre-defined relationship with the generated trust code, determining at the first computing device the content is trusted for delivery to the second computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for use in connection with the trusted transmission and reception of content, such as encryption key information, from one computing device in a network to a second computing device are provided. In one embodiment, the invention provides a way to trust or validate the transfer of a public key using a very short code entered out of band of the network that is easy for end-users to remember, or write down.

Citations

20 Claims

1. A method implemented in a computing system for transmitting content from a first computing device to a second computing device in a network, comprising:
- generating, by the first computing device without receiving user input, a trust code;
  
  transporting the generated trust code from the first computing device to the second computing device, said transporting comprising displaying, by the first computing device, the generated trust code, and receiving, at the second computing device via a user interface, a trust code; and
  
  performing an authentication exchange between the first computing device and the second computing device across the network, comprising;
  
  receiving from the network at the first computing device the trust code received at the second computing device,at the first computing device comparing the received trust code to the generated trust code,when the received trust code does not have a pre-defined relationship with the generated trust code, determining at the first computing device the content is not trusted for delivery to the second computing device, andwhen the received trust code has a pre-defined relationship with the generated trust code, determining at the first computing device the content is trusted for delivery to the second computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. A method according to claim 1, further comprising:
    - at the first computing device, upon determining the received trust code does not have a pre-defined relationship with the generated trust code, transmitting an error message to the second computing device via the network; and
      
      at the first computing device, upon determining the received trust code has a pre-defined relationship with the generated trust code, transmitting the content for delivery to the second computing device via the network.
  - 3. A method according to claim 2, further comprising:
    - receiving from the network at the second computing device a hash value generated by the first device with a hashing algorithm based on at least the generated trust code and content to be transmitted from the first computing device to the second computing device;
      
      at the second computing device, storing the hash value;
      
      at the second computing device, receiving content via the network;
      
      at the second computing device, computing a hash value based on the received content and the inputted trust code;
      
      at the second computing device, determining if the computed hash value has a predefined relationship to the stored hash value; and
      
      at the second computing device, trusting the received content upon determining the computed hash value has a predefined relationship to the stored hash value.
  - 4. A method according to claim 1, wherein the content is a credential of the first computing device.
  - 5. A method according to claim 4, wherein the credential is a public key.
  - 6. A method according to claim 1, wherein said receiving at the second computing device via a user interface, a trust code, comprises allowing the inputted trust code to be entered at most once to the second computing device.
  - 7. A method according to claim 1, wherein said comparing the received trust code comprises calculating a security code, the security code comprising the inputted trust code, a fixed code assigned to the computing device performing the comparison, and at least one check digit computed based on the inputted trust code and the fixed code.
  - 8. A method according to claim 1, wherein said transporting comprises:
    - receiving a component into the first computing device;
      
      transmitting the trust code onto the component from the first computing device;
      
      receiving the component into the second computing device; and
      
      retrieving the trust code from the component at the second computing device.
  - 9. A method according to claim 8, wherein the component is a memory component adapted to be inserted into at least one data port of the respective first and second computing devices.
  - 10. A method according to claim 1, wherein when said trust code received at the first computing device does not have the pre-defined relationship with said generated trust code, determining not to deliver content to the second device.
  - 11. A method according to claim 1, wherein when said trust code received at the first computing device does not have the pre-defined relationship with said generated trust code, and said content is a public key, invalidating for future use the public key and a private key associated with the public key.
  - 12. A method according to claim 1, wherein when said trust code received at the first computing device does not have the pre-defined relationship with said generated trust code, invalidating the trust code for future use unless independently randomly generated in the future.

13. A method implemented in a computing system for transmitting content from a first computing device to a second computing device in a network, comprising:
- generating, by the first computing device without receiving user input, a trust code;
  
  outputting from the first computing device the generated trust code for transport to the second computing device;
  
  receiving at the first computing device from the network, affirmation that the second device has received a trust code;
  
  generating, by the first computing device, a hash value using a hashing algorithm based on at least the generated trust code and content to be transmitted from the first computing device to the second computing device;
  
  transmitting, by the first computing device, the hash value on the network to the second computing device;
  
  receiving, by the first computing device from the network, a trust code inputted into the second computing device;
  
  determining, by the first computing device, whether the received trust code has a pre-defined relationship to the generated trust code;
  
  at the first computing device upon determining the received trust code does not have a pre-defined relationship with the generated trust code, transmitting an error message to the second computing device; and
  
  at the first computing device, upon determining the received trust code has a pre-defined relationship with the generated trust code, transmitting the content for delivery to the second computing device.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The method of claim 13, wherein said content is a public key.
  - 15. The method of claim 13, wherein outputting the generated trust code comprises displaying, by the first computing device, the generated trust code.
  - 16. The method of claim 13, wherein outputting the generated trust code comprises:
    - receiving a component into the first computing device; and
      
      transmitting the trust code onto the component from the first computing device.
  - 17. The method of claim 13, further comprising upon determining the received trust code does not have a pre-defined relationship with the generated trust code, invalidating the received trust code for future use.

18. A method implemented on a computing system for receiving content from a first computing device by a second computing device in a network, comprising:
- receiving a physical input at the second computing device, the physical input identifying an inputted trust code, the physical input being received after a generated trust code has been randomly generated and output by the first computing device without user input;
  
  at the second computing device transmitting via the network notification to the first computing device of receipt of the inputted trust code at the second computing device;
  
  receiving from the network at the second computing device a hash value generated by the first device with a hashing algorithm based on at least the generated trust code and the content to be transmitted from the first computing device to the second computing device;
  
  at the second computing device, storing the hash value;
  
  at the second computing device transmitting via the network the inputted trust code to the first computing device;
  
  at the second computing device, receiving content via the network;
  
  at the second computing device, computing a hash value based on the received content and the inputted trust code;
  
  at the second computing device, determining if the computed hash value has a predefined relationship to the stored hash value; and
  
  at the second computing device, trusting the received content upon determining the computed hash value has a predefined relationship to the stored hash value.
- View Dependent Claims (19, 20)
- - 19. A method according to claim 18, wherein said content is a public key.
  - 20. A method according to claim 18, wherein said hashing algorithm is based on said public key and said trust code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Fang, Nicholas Jie, Pyle, Harry S., Lehew, Christian R.

Granted Patent

US 8,473,612 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 63/061 for key exchange, e.g. in p...

TRUSTED NETWORK TRANSFER OF CONTENT USING OF NETWORK INPUT CODE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

TRUSTED NETWORK TRANSFER OF CONTENT USING OF NETWORK INPUT CODE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links