METHOD TO MANAGE A ONE TIME PASSWORD KEY
First Claim
1. Method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in a user device having access to an unsafe storage including the preliminary steps of:
- retrieving a Personal Identification Number, named PIN, of a user of the user device,deriving a symmetric key from the PIN,encrypting the OTP key using the derived symmetric key,storing the encrypted OTP key in the unsafe storagethe method further comprising the following steps, when the calculation of an OTP is required;
retrieving a PIN of a user of the user device,decrypting the stored OTP key using the derived symmetric key, andusing said decrypted OTP key and an incremental parameter to generate a next OTP,wherein the start value of the incremental parameter of the OTP generation is random.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to a method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in a user device having access to an unsafe storage including the steps of retrieving a Personal Identification Number, named PIN, of a user of the user device, deriving a symmetric key from the PIN, encrypting the OTP key using the derived symmetric key, storing the encrypted OTP key in the unsafe storage, decrypting the OTP key using the derived symmetric key, and generating a next OTP key using an incremental parameter, wherein the start value of the incremental parameter of the OTP key generation is random.
-
Citations
9 Claims
-
1. Method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in a user device having access to an unsafe storage including the preliminary steps of:
-
retrieving a Personal Identification Number, named PIN, of a user of the user device, deriving a symmetric key from the PIN, encrypting the OTP key using the derived symmetric key, storing the encrypted OTP key in the unsafe storage the method further comprising the following steps, when the calculation of an OTP is required; retrieving a PIN of a user of the user device, decrypting the stored OTP key using the derived symmetric key, and using said decrypted OTP key and an incremental parameter to generate a next OTP, wherein the start value of the incremental parameter of the OTP generation is random. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification