SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED ACCESS TO INFORMATION

US 20130311784A1
Filed: 07/24/2013
Published: 11/21/2013
Est. Priority Date: 02/20/2008
Status: Active Grant

First Claim

Patent Images

1. A method of secure log-in, comprising:

obtaining a transactionID from a cryptographic chip of a computer;

sending the transactionID to a wireless eKey, the eKey signing the transactionID with a private key stored on the eKey;

receiving the signed transactionID from the eKey;

sending the signed transactionID to the cryptographic chip, the cryptographic chip verifying the signed transactionID with a public key stored on the cryptographic chip; and

allowing a user to log-in to the computer in response to the verification.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication system protects a hardware cryptographic chip from being commanded to decrypt or sign data by someone other than the legitimate owner(s) of the certificate residing on the chip. Openness of present cryptographic hardware systems are limited by imposing a condition that the cryptographic chip will only perform critical cryptographic tasks if the task is accompanied by a signature which only the legitimate owner can provide.

Citations

20 Claims

1. A method of secure log-in, comprising:
- obtaining a transactionID from a cryptographic chip of a computer;
  
  sending the transactionID to a wireless eKey, the eKey signing the transactionID with a private key stored on the eKey;
  
  receiving the signed transactionID from the eKey;
  
  sending the signed transactionID to the cryptographic chip, the cryptographic chip verifying the signed transactionID with a public key stored on the cryptographic chip; and
  
  allowing a user to log-in to the computer in response to the verification.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising generating, by the eKey a keypair including the public key and the private key.
  - 3. The method of claim 2, further comprising sending, by the eKey, the public key to the computer and the public key being stored on the cryptographic chip.
  - 4. The method of claim 1, further comprising receiving a fingerprint input to a fingerprint analyzer of the eKey prior to the eKey signing the transactionID with the private key.
  - 5. The method of claim 3, wherein the public key is stored within an account corresponding to the user.
  - 6. The method of claim 1, wherein the eKey uses a communication type selected from the group consisting of Bluetooth, microwave, infrared, and satellite.

7. A method of securely decrypting data, comprising:
- obtaining a first transactionID from a cryptographic chip of a computer;
  
  obtaining an second transactionID from a wireless eKey;
  
  signing the second transactionID with a second private key stored on the computer;
  
  sending the signed second transactionID to the eKey, the eKey verifying the signed second transactionID with a second public key stored on the eKey;
  
  sending the first transactionID to the eKey, and in response to the verification the eKey signing the first transactionID with a first private key stored on the eKey;
  
  receiving the signed first transactionID from the eKey;
  
  sending the signed first transactionID with data to the cryptographic chip, the cryptographic chip verifying the signed first transactionID with a first public key stored on the cryptographic chip and in response to the verification decrypting the data.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 8. The method of claim 7, further comprising generating, by the eKey, a first keypair including the first public key and the first private key.
  - 9. The method of claim 8, further comprising sending, by the eKey, the first public key to the computer and the public key being stored on the cryptographic chip.
  - 10. The method of claim 7, further comprising generating a second keypair including the second public key and the second private key.
  - 11. The method of claim 10, further comprising sending the second public key to the eKey and the second public key being stored on the eKey.
  - 12. The method of claim 11, further comprising generating, by the eKey, a random number and displaying the random number on a display of the eKey.
  - 13. The method of claim 12, further comprising encrypting, by the eKey, the random number with the second public key.
  - 14. The method of claim 13, further comprising receiving the encrypted random number from the eKey.
  - 15. The method of claim 14, further comprising decrypting the encrypted random number with the second private key.
  - 16. The method of claim 7, wherein the eKey uses a communication type selected from the group consisting of Bluetooth, microwave, infrared, and satellite.

17. A method of secure log-in, comprising:
- downloading, by a client device, a log-in webpage to a server over a network;
  
  receiving, by the client device, a server public key from the server;
  
  sending, by the client device, a client public key to the server;
  
  downloading, by the client device, a communication from the server, wherein the communication includes a server signature; and
  
  verifying, by the client device, the server signature with the server public key.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, further comprising sending, by the client device, a second communication to the server, wherein the second communication includes a client signature.
  - 19. The method of claim 18, further comprising verifying, by the server, the client signature with the client public key.
  - 20. The method of claim 17, further comprising receiving, by the client device, a fingerprint input to a fingerprint analyzer of an eKey in response to the receiving of the server public key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micheal Bleahen
Original Assignee
Micheal Bleahen
Inventors
Bleahen, Micheal

Granted Patent

US 9,443,068 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/185
CPC Class Codes

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/72   in cryptographic circuits

H04L 2209/127   Trusted platform modules [TPM]

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless

H04L 9/0825   using asymmetric-key encryp...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3234   involving additional secure...

H04L 9/3263   involving certificates, e.g...

SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED ACCESS TO INFORMATION

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED ACCESS TO INFORMATION

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links