SYSTEM AND METHOD FOR DIGITAL USER AUTHENTICATION

US 20120198228A1
Filed: 12/20/2011
Published: 08/02/2012
Est. Priority Date: 12/20/2010
Status: Active Grant

First Claim

Patent Images

1. A method of digital user authentication comprising:

receiving a request at a server from a private key module associated with a first user device;

directing a request for a user challenge from the server to a second user device;

wherein successful completion of the user challenge is required to access a first portion of a private key; and

in response to a successful user challenge, creating at least a second portion of a digital signature associated with a second portion of the private key at the server to authenticate the user to a third party.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method according to preferred embodiment can include receiving a request at a server from a private key module associated with a first user device; directing a request for a first portion of the private key from the server to a second user device; and in response to a successful user challenge creating a first portion of a digital signature and a second portion of a digital signature at the server. The method of the preferred embodiment can further include combining the first portion of the digital signature and the second portion of the digital signature; and delivering the digital signature to the first user device. The method of the preferred embodiment can function to secure the digital signature process by splitting or dividing the user'"'"'s private key into two or more portions, each of which require independent authorization from the user in order to create the digital signature.

80 Citations

View as Search Results

26 Claims

1. A method of digital user authentication comprising:
- receiving a request at a server from a private key module associated with a first user device;
  
  directing a request for a user challenge from the server to a second user device;
  
  wherein successful completion of the user challenge is required to access a first portion of a private key; and
  
  in response to a successful user challenge, creating at least a second portion of a digital signature associated with a second portion of the private key at the server to authenticate the user to a third party.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the first user device and the second user device are distinct user devices.
  - 3. The method of claim 1, wherein the second user device comprises a smart phone.
  - 4. The method of claim 1, wherein the second portion of the private key is located on the server.
  - 5. The method of claim 4, wherein the first portion of the private key is located on the first user device.
  - 6. The method of claim 4, wherein the first portion of the private key is located on the second user device.
  - 7. The method of claim 1, wherein the first and second user devices communicate though the server.
  - 8. The method of claim 1, wherein the first and second user devices communicate directly.
  - 9. The method of claim 8, wherein the first and second user devices are connectable through a near field communication protocol.
  - 10. The method of claim 8, wherein the first and second user devices are connectable through a wired connector.
  - 11. The method of claim 1, further comprising creating a first portion of the digital signature at the server and combining the first portion of the digital signature and the second portion of the digital signature.
  - 12. The method of claim 11, further comprising delivering the digital signature to the first user device.

13. A method of digital user authentication comprising:
- delivering a public key from a first user device to a third party;
  
  requesting a second portion of a digital signature derived from a second portion of the private key by the first user device;
  
  receiving at the first user device at least a second portion of a digital signature derived from the second portion of the private key in response to a successful user challenge completed on a second user device; and
  
  delivering a digital signature from the first user device to the third party.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
- - 14. The method of claim 13, further comprising storing a first portion of the public key on the first user device.
  - 15. The method of claim 14, further comprising generating a first portion of the digital signature on the first user device.
  - 16. The method of claim 15, further comprising receiving the second portion of the digital signature from the server in response to a successful user challenge completed on the second user device.
  - 17. The method of claim 15, further comprising receiving the second portion of the digital signature from the second user device.
  - 18. The method of claim 13, further comprising receiving the complete digital signature at the first user device from one of the server or the second user device.
  - 19. The method of claim 13, wherein the second user device comprises a smart phone.
  - 20. The method of claim 13, wherein the first user device and the second user device are connectable through a near field communication protocol.
  - 21. The method of claim 13, wherein the first and second user devices are connectable through a wired connector.

22. A method of digital user authentication comprising:
- receiving a request at a server from a private key module associated with a first user device;
  
  directing a request for a first portion of a digital signature derived form a first portion of a private key from the server to a second user device;
  
  in response to a successful user challenge, creating at least a second portion of a digital signature at the server;
  
  combining the first portion of the digital signature and the second portion of the digital signature at the server; and
  
  delivering the digital signature from the server to the first user device.
- View Dependent Claims (23, 24, 25, 26)
- - 23. The method of claim 22, wherein the first user device and the second user device are distinct user devices.
  - 24. The method of claim 23, wherein the second user device comprises a smart phone.
  - 25. The method of claim 22, wherein the first user device and the second user device are connectable through a near field communication protocol.
  - 26. The method of claim 22, wherein the first and second user devices are connectable through a wired connector.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Duo Security Incorporated (Cisco Systems, Inc.)
Inventors
Oberheide, Jon, Song, Douglas, Goodman, Adam

Granted Patent

US 9,282,085 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/08   for authentication of entit...

H04L 63/126   the source of the received ...

SYSTEM AND METHOD FOR DIGITAL USER AUTHENTICATION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

80 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR DIGITAL USER AUTHENTICATION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

80 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links