SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED ACCESS TO INFORMATION
Abstract
An authentication system protects a hardware cryptographic chip from being commanded to decrypt or sign data by someone other than the legitimate owner(s) of the certificate residing on the chip. The openness of present cryptographic hardware systems is limited by imposing a condition that the cryptographic chip will only perform critical cryptographic tasks if the task is accompanied by a signature which only the legitimate owner can provide.
20 Claims
1. A method of secure log-in, comprising:
- obtaining a transactionID from a cryptographic chip of a computer;
- sending the transactionID to a wireless eKey, the eKey signing the transactionID with a private key stored on the eKey;
- receiving the signed transactionID from the eKey;
- sending the signed transactionID to the cryptographic chip, the cryptographic chip verifying the signed transactionID with a public key stored on the cryptographic chip; and
- allowing a user to log-in to the computer in response to the verification.
(Dependent claims: 2, 3, 4, 5, 6)
7. A method of securely decrypting data, comprising:
- obtaining a first transactionID from a cryptographic chip of a computer;
- obtaining a second transactionID from a wireless eKey;
- signing the second transactionID with a second private key stored on the computer;
- sending the signed second transactionID to the eKey, the eKey verifying the signed second transactionID with a second public key stored on the eKey;
- sending the first transactionID to the eKey, and in response to the verification the eKey signing the first transactionID with a first private key stored on the eKey;
- receiving the signed first transactionID from the eKey;
- sending the signed first transactionID with data to the cryptographic chip, the cryptographic chip verifying the signed first transactionID with a first public key stored on the cryptographic chip and in response to the verification decrypting the data.
(Dependent claims: 8, 9, 10, 11, 12, 13, 14, 15, 16)
17. A method of secure log-in, comprising:
- downloading, by a client device, a log-in webpage to a server over a network;
- receiving, by the client device, a server public key from the server;
- sending, by the client device, a client public key to the server;
- downloading, by the client device, a communication from the server, wherein the communication includes a server signature; and
- verifying, by the client device, the server signature with the server public key.
(Dependent claims: 18, 19, 20)
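
The mutual exchange of claim 7 (claim 1 is its one-way half), as an added example that is not part of the patent text. Ed25519 signatures, 16-byte random transactionIDs, single-use enforcement and the names `Party`, `NewPair` and `Exchange` are assumptions, and the computer and its cryptographic chip are modelled as one party.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

type Party struct {
	priv    ed25519.PrivateKey // own signing key
	peerPub ed25519.PublicKey  // the other side's public key
	issued  map[string]bool    // transactionIDs issued and not yet used
}

// NewPair provisions the computer (with its chip) and the eKey; Ed25519 is an assumption.
func NewPair() (computer, ekey *Party) {
	cPub, cPriv, _ := ed25519.GenerateKey(rand.Reader)
	ePub, ePriv, _ := ed25519.GenerateKey(rand.Reader)
	return &Party{cPriv, ePub, map[string]bool{}}, &Party{ePriv, cPub, map[string]bool{}}
}

// NewTransactionID issues a random 16-byte transactionID and remembers it.
func (p *Party) NewTransactionID() []byte {
	id := make([]byte, 16)
	rand.Read(id) // crypto/rand; cannot fail on Go 1.24+, check the error on older releases
	p.issued[string(id)] = true
	return id
}

// Verify accepts a signature only over a transactionID this side issued (single use is assumed).
func (p *Party) Verify(id, sig []byte) bool {
	ok := p.issued[string(id)]
	delete(p.issued, string(id)) // consume before checking, so a replay always fails
	return ok && ed25519.Verify(p.peerPub, id, sig)
}

// Exchange follows claim 7: the eKey signs id1 only after the computer has signed the eKey's id2.
func Exchange(computer, ekey *Party) (id1, sig1 []byte) {
	id1, id2 := computer.NewTransactionID(), ekey.NewTransactionID()
	if !ekey.Verify(id2, ed25519.Sign(computer.priv, id2)) {
		return nil, nil
	}
	return id1, ed25519.Sign(ekey.priv, id1)
}

func main() {
	computer, ekey := NewPair()
	fmt.Println("chip accepts eKey reply:", computer.Verify(Exchange(computer, ekey)))
}
```

A second `Verify` call with the same signed transactionID returns false, and an `Exchange` started by a computer whose key the eKey does not hold yields no signature at all.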
Specification