NETWORKED COMPUTER IDENTITY ENCRYPTION AND VERIFICATION

US 20110202772A1
Filed: 10/15/2009
Published: 08/18/2011
Est. Priority Date: 10/27/2008
Status: Abandoned Application

First Claim

Patent Images

1. A method for communication, comprising:

initiating a communication session over a network between a remote computer and a local computer, which has a central processing unit (CPU) and an input device;

storing a record at the remote computer of an identification code that is associated with the input device of the local computer and is inaccessible to the CPU;

receiving data input by a user to the local computer via the input device;

generating at the local computer a cryptographic signature over the data and the identification code using a processor other than the CPU;

transmitting the signature to the remote computer; and

decrypting the signature at the remote computer in order to authenticate the data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for communication includes initiating a communication session over a network between a remote computer (24) and a local computer (20), which has a central processing unit (CPU) (40) and an input device (30). A record is stored at the remote computer of an identification code that is associated with the input device of the local computer and is inaccessible to the CPU. When data input by a user to the local computer is received via the input device, a cryptographic signature over the data and the identification code is generated at the local computer using a processor (46) other than the CPU. The signature is transmitted to the remote computer and is decrypted at the remote computer in order to authenticate the data.

Citations

22 Claims

1. A method for communication, comprising:
- initiating a communication session over a network between a remote computer and a local computer, which has a central processing unit (CPU) and an input device;
  
  storing a record at the remote computer of an identification code that is associated with the input device of the local computer and is inaccessible to the CPU;
  
  receiving data input by a user to the local computer via the input device;
  
  generating at the local computer a cryptographic signature over the data and the identification code using a processor other than the CPU;
  
  transmitting the signature to the remote computer; and
  
  decrypting the signature at the remote computer in order to authenticate the data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method according to claim 1, wherein the input device comprises a keyboard.
  - 3. The method according to claim 2, wherein the keyboard has a housing, and wherein the processor is contained inside the housing of the keyboard.
  - 4. The method according to claim 1, wherein receiving the data comprises displaying the data on an output device associated with the local computer.
  - 5. The method according to claim 4, wherein displaying the data comprises presenting a page provided by the remote computer on the output device, the page comprising a field that is filled in with the data input by the user.
  - 6. The method according to claim 1, wherein the signature transmitted to the remote computer contains the data.
  - 7. The method according to claim 1, and comprising transmitting the data to the remote computer in addition to transmitting the signature.
  - 8. The method according to claim 1, wherein the identification code comprises a hardware code that is embedded in the input device.
  - 9. The method according to claim 8, wherein initiating the communication session comprises creating a session identifier, and wherein generating the cryptographic signature comprises computing the signature over the data, the hardware code and the session identifier.
  - 10. The method according to claim 1, wherein the identification code comprises a session identifier.
  - 11. The method according to claim 1, wherein transmitting the signature comprises conveying the signature from the processor to the remote computer via a tunneled logical path through the local computer.

12. Apparatus for use in a communication session over a network between a remote computer and a local computer, which has a central processing unit (CPU), the apparatus comprising:
- an input device comprising an input transducer, for receiving data input by a user to the local computer; and
  
  a processor, which is coupled to the input transducer and is configured to generate, using an identification code that is recorded by the remote computer and is inaccessible to the CPU, a cryptographic signature over the data and the identification code for transmission of the signature to the remote computer, wherein the signature is decryptable by the remote computer in order to authenticate the data.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The apparatus according to claim 12, wherein the input device comprises a keyboard.
  - 14. The apparatus according to claim 13, wherein the keyboard has a housing, and wherein the processor is contained inside the housing of the keyboard.
  - 15. The apparatus according to claim 12, wherein the processor is configured to convey the data for display on an output device associated with the local computer.
  - 16. The apparatus according to claim 15, wherein the data are input by the user in order to fill in a field on a page provided by the remote computer and presented by the local computer on the output device.
  - 17. The apparatus according to claim 12, wherein the signature generated by the processor contains the data.
  - 18. The apparatus according to claim 12, wherein the processor is configured to generate the signature over a function of the data, for transmission to the remote computer in addition to transmitting the data.
  - 19. The apparatus according to claim 12, wherein the identification code comprises a hardware code that is embedded in the input device.
  - 20. The apparatus according to claim 19, wherein the processor is configured to compute the cryptographic signature over the data, the hardware code and a session identifier that is associated with the communication session.
  - 21. The apparatus according to claim 12, wherein the identification code comprises a session identifier that is associated with the communication session.
  - 22. The apparatus according to claim 12, wherein the processor is configured to establish a tunneled logical path through the local computer to the remote computer and to convey the signature to the remote computer via the tunneled logical path.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Human Interface Security Limited
Original Assignee
Human Interface Security Limited
Inventors
Frenkel, Lior, Zilberstein, Amir

Application Number

US13/124,661
Publication Number

US 20110202772A1
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/83   input devices, e.g. keyboar...

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2129   Authenticate client device ...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 67/02   based on web technology, e....

NETWORKED COMPUTER IDENTITY ENCRYPTION AND VERIFICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

NETWORKED COMPUTER IDENTITY ENCRYPTION AND VERIFICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links