IMAGE-BASED KEY EXCHANGE

US 20120084846A1
Filed: 09/30/2011
Published: 04/05/2012
Est. Priority Date: 09/30/2010
Status: Active Grant

First Claim

Patent Images

1. A method of configuring a computing device to provide a secondary authentication password for a password-protected web service, the method comprising:

capturing, using an image capture device communicatively coupled to a first computing device, an encoded graphical image presented by a display of a second computing device, wherein the encoded graphical image indicates a representation of a secure authentication key;

determining, from the captured encoded graphical image, the secure authentication key; and

storing the secure authentication key on the first computing device for subsequent use to generate a password to acquire access to a password-protected web service.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure is directed for improved techniques for configuring a device to generate a secondary password based at least in part on a secure authentication key. The techniques of this disclosure may, in some examples, provide for capturing, by a computing device, an image of a display of another computing device. The captured image includes at least one encoded graphical image, such as a barcode, that includes an indication of the content of a secure authentication key. The computing device may use the secure authentication key to generate a secondary password to be used in conjunction with a primary password to gain access to a password-protected web service.

41 Citations

View as Search Results

21 Claims

1. A method of configuring a computing device to provide a secondary authentication password for a password-protected web service, the method comprising:
- capturing, using an image capture device communicatively coupled to a first computing device, an encoded graphical image presented by a display of a second computing device, wherein the encoded graphical image indicates a representation of a secure authentication key;
  
  determining, from the captured encoded graphical image, the secure authentication key; and
  
  storing the secure authentication key on the first computing device for subsequent use to generate a password to acquire access to a password-protected web service.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising:
    - using the stored secure authentication key to generate a password to be used to acquire access to the password-protected web service.
  - 3. The method of claim 2, wherein using the stored secure authentication key to generate a password comprises using the stored secure authentication key to generate a secondary password to be used in conjunction with a primary password to acquire access to the password-protected web service.
  - 4. The method of claim 1, wherein the encoded graphical image comprises a bar code or a hologram.
  - 5. The method of claim 1, wherein the encoded graphical image further includes at least one indication of an identification of a user.
  - 6. The method of claim 1, wherein the encoded graphical image includes at least one indication of a uniform resource locator (URL).
  - 7. The method of claim 6, wherein the at least one indication of the URL comprises:
    - a prefix field that indicates an operation to be performed by the first computing device;
      
      the representation of the secure authentication key; and
      
      additional information that indicates an intended use of the secure authentication key.
  - 8. The method of claim 6, wherein the URL indicates a location where the secure authentication key can be accessed.
  - 9. The method of claim 1, wherein the encoded graphical image further includes at least one indication of a length of a password generated based on the secure authentication key.
  - 10. The method of claim 1, wherein the encoded graphical image further includes at least one indication of a type of algorithm to be used to generate a password based on the secure authentication key.
  - 11. The method of claim 10, wherein the encoded graphical image further includes one or more indications of a type of hash to be used according to the algorithm.
  - 12. The method of claim 10, wherein the type of algorithm is selected from the group consisting of:
    - a Hash-based Message Authentication Code (HMAC)-based One Time Password (HOTP); and
      
      a Time-based One-time Password (TOTP).
  - 13. The method of claim 12, wherein the type of algorithm is HOTP, and wherein the graphical image further comprises:
    - one or more indications of a time for which a password generated based on the secure authentication key is to remain valid to grant a user access to a password-protected web service.

14. A computing device, comprising:
- at least one processor;
  
  a camera module configured to operate an image capture device communicatively coupled to the computing device to capture at least one image of a display of another computing device, wherein the at least one captured image includes at least one encoded graphical image;
  
  means for processing the captured image to determine content of a secure authentication key represented by the encoded graphical image; and
  
  a storage module to store the secure authentication key on the computing device for subsequent use to generate a password to acquire access to a password-protected web service.
- View Dependent Claims (15)
- - 15. The computing device of claim 14, further comprising:
    - means for generating, based on the stored authentication key, a secondary password for use in conjunction with a primary password to gain access to a password-protected web service.

16. An article of manufacture comprising a computer-readable medium that stores instructions configured to cause a computing device to configure a mobile device to provide an authentication password for a password-protected web service, wherein the instructions cause the computing device to:
- capture, using an image capture device communicatively coupled to a first computing device, an encoded graphical image presented by a display of a second computing device, wherein the encoded graphical image indicates a representation of a secure authentication key;
  
  determine, from the detected encoded graphical image, the secure authentication key;
  
  store the secure authentication key on the first computing device; and
  
  use the stored secure authentication key to generate a secondary password to be used in conjunction with a primary password to acquire access to a password-protected web service.

17. A method for providing a secondary password authentication for a password-protected web service, the method comprising:
- receiving, from a user, a request for a secure authentication key;
  
  generating an encoded graphical image that includes at least one indication of the secure authentication key; and
  
  transmitting, for display by a first computing device, a graphical image that indicates a representation of a secure authentication key, wherein the secure authentication key is configured to be stored on a second computing device and subsequently used by the second computing device to generate a password to be used to gain access to a password-protected web service.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method of claim 17, wherein the secure authentication key is configured to be used by the second computing device to generate a secondary password to be used in conjunction with a primary password to gain access to the password-protected web service.
  - 19. The method of claim 17, wherein the request for the secure authentication key is received by the password-protected web service.
  - 20. The method of claim 17, wherein the request for the secure authentication key is received by a web service different than the password-protected web service.
  - 21. The method of claim 17, further comprising:
    - receiving, by the password-protected web service, the secondary password generated at the second computing device, wherein the secondary password is generated based at least in part on the secure authentication key; and
      
      granting access to the password-protected web service based at least in part on authentication of the secondary password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Weis, Stephen A., McCoy, Travis E., Hintz, Andrew D., Wade, Iain P.

Granted Patent

US 8,861,724 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/36   by graphic or iconic repres...

H04L 9/0861   Generation of secret inform...

IMAGE-BASED KEY EXCHANGE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

IMAGE-BASED KEY EXCHANGE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links