EFFICIENT METHODS FOR PROTECTING IDENTITY IN AUTHENTICATED TRANSMISSIONS

US 20150200774A1
Filed: 01/13/2015
Published: 07/16/2015
Est. Priority Date: 01/13/2014
Status: Active Grant

First Claim

Patent Images

1. An access device comprising:

a processor; and

a non-transitory computer-readable storage medium comprising code executable by the processor for implementing a method comprising;

sending an access device public key to a user device, wherein the access device public key is associated with an access device private key;

receiving a blinded user device public key and encrypted user device data from the user device, wherein the blinded user device public key is generated using a user device public key and a cryptographic nonce; and

generating a shared secret using the access device private key and the blinded user device public key; and

decrypting the encrypted user device data using the shared secret.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for protecting identity in an authenticated data transmission. For example, a contactless transaction between a portable user device and an access device may be conducted without exposing the portable user device'"'"'s public key in cleartext. In one embodiment, an access device may send an access device public key to a portable user device. The user device may return a blinded user device public key and encrypted user device data. The access device may determine a shared secret using the blinded user device public key and an access device private key. The access device may then decrypt the encrypted user device data using the shared secret.

72 Citations

View as Search Results

21 Claims

1. An access device comprising:
- a processor; and
  
  a non-transitory computer-readable storage medium comprising code executable by the processor for implementing a method comprising;
  
  sending an access device public key to a user device, wherein the access device public key is associated with an access device private key;
  
  receiving a blinded user device public key and encrypted user device data from the user device, wherein the blinded user device public key is generated using a user device public key and a cryptographic nonce; and
  
  generating a shared secret using the access device private key and the blinded user device public key; and
  
  decrypting the encrypted user device data using the shared secret.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The access device of claim 1, wherein the access device key pair is an ephemeral key pair, wherein the ephemeral key pair is deleted after the shared secret is determined.
  - 3. The access device of claim 1, wherein decrypting the encrypted user device data using the shared secret comprises generating a session key using the shared secret.
  - 4. The access device of claim 1, wherein the user device data comprises a user device certificate comprising a user device public key and the cryptographic nonce used to generate the blinded user device public key, and wherein the method further comprises:
    - validating the user device certificate;
      
      generating a second blinded user device public key using the user device public key and the cryptographic nonce; and
      
      comparing the second blinded user device public key with the received blinded user device public key, wherein the user device is authenticated if the second blinded user device public key matches the received blinded user device public key.
  - 5. The access device of claim 1, wherein the shared secret is a first shared secret, and wherein the method further comprises:
    - generating a second shared secret using the first shared secret; and
      
      associating the second shared secret with the user device, wherein the second shared secret is used to decrypt subsequent user device data received from the user device.
  - 6. The access device of claim 1, the method further comprising:
    - conducting a transaction using the user device data.
  - 7. A system comprising:
    - the access device of claim 1; and
      
      the user device, wherein the user device is configured to;
      
      receive an access device public key;
      
      generate a shared secret using the access device public key, a user device private key, and the cryptographic nonce;
      
      encrypt user device data using the shared secret; and
      
      send the encrypted user device data and the blinded user device public key to the access device.

8. A computer-implemented method comprising:
- sending, by an access device having one or more processors, an access device public key to a user device, wherein the access device public key is associated with an access device private key;
  
  receiving, by the access device, a blinded user device public key from the user device, wherein the blinded user device public key is generated using a user device public key and a cryptographic nonce; and
  
  generating, by the access device, a shared secret using the access device private key and the blinded user device public key, wherein the shared secret is known to the user device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-implemented method of claim 8, wherein the access device key pair is an ephemeral key pair, wherein the ephemeral key pair is deleted after shared secret is generated.
  - 10. The computer-implemented method of claim 8, further comprising:
    - generating, by the access device, a session key using the shared secret, wherein the session key is used to .
  - 11. The computer-implemented method of claim 10, further comprising:
    - receiving, by the access device, encrypted user device data from the user device; and
      
      decrypting, by the access device, the encrypted user device data using the session key to determine user device data.
  - 12. The computer-implemented method of claim 11, wherein the user device data comprises a user device certificate comprising a user device public key and a cryptographic nonce used to generate the blinded user device public key, and wherein the method further comprises:
    - validating, by the access device, the user device certificate;
      
      generating, by the access device, a second blinded user device public key using the user device public key and the cryptographic nonce; and
      
      comparing, by the access device, the second blinded user device public key with the received blinded user device public key, wherein the user device is authenticated if the second blinded user device public key matches the received blinded user device public key.
  - 13. The computer-implemented method of claim 11, wherein the shared secret is a first shared secret, and wherein the method further comprises:
    - generating, by the access device, a second shared secret using the first shared secret; and
      
      associating, by the access device, the second shared secret with the user device, wherein the second shared secret is used to decrypt subsequent user device data received from the user device.
  - 14. The computer-implemented method of claim 11, further comprising:
    - conducting, by the access device, a transaction using the user device data.

15. A computer-implemented method comprising:
- receiving, by a user device, an access device public key from an access device;
  
  generating, by the user device, a shared secret using the access device public key and a user device private key;
  
  generating, by the user device, a blinded user device public key using a user device public key and a cryptographic nonce;
  
  encrypting, by the user device, user device data using the shared secret; and
  
  sending, by the user device, the blinded user device public key and the encrypted user device data to the access device, thereby allowing the access device to generate the shared secret using the blinded user device public key and an access device private key corresponding to the access device public key and to decrypt the encrypted user device data using the shared secret.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computer-implemented method of claim 15, wherein the access device key pair is an ephemeral key pair, wherein the user device deletes the access device public key after the shared secret is generated.
  - 17. The computer-implemented method of claim 15, wherein encrypting the user device data comprises generating, by the user device, a session key using the shared secret.
  - 18. The computer-implemented method of claim 17, further comprising:
    - encrypting, by the user device, user device data using the session key to generate encrypted user device data; and
      
      sending, by the user device, the encrypted user device data to the access device.
  - 19. The computer-implemented method of claim 18, wherein the user device data comprises a user device certificate and a cryptographic nonce used to generate the blinded user device public key, and wherein the access device authenticates the user device using the user device certificate and the cryptographic nonce.
  - 20. The computer-implemented method of claim 18, wherein the shared secret is a first shared secret, and wherein the method further comprises:
    - generating, by the user device, a second shared secret using the first shared secret; and
      
      associating, by the user device, the second shared secret with the access device, wherein the second shared secret is used to encrypt subsequent user device data sent by the user device.
  - 21. The computer-implemented method of claim 18, wherein the access device conducts a transaction using the user device data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Le Saint, Eric

Granted Patent

US 9,647,832 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2209/04   Masking or blinding

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/0819   Key transport or distributi...

H04L 9/0844   with user authentication or...

H04L 9/14   using a plurality of keys o...

H04W 12/041   Key generation or derivation

EFFICIENT METHODS FOR PROTECTING IDENTITY IN AUTHENTICATED TRANSMISSIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

72 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

EFFICIENT METHODS FOR PROTECTING IDENTITY IN AUTHENTICATED TRANSMISSIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

72 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links