METHOD TO MANAGE A ONE TIME PASSWORD KEY

US 20170104739A1
Filed: 03/25/2015
Published: 04/13/2017
Est. Priority Date: 03/25/2014
Status: Active Grant

First Claim

Patent Images

1. Method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in a user device having access to an unsafe storage including the preliminary steps of:

retrieving a Personal Identification Number, named PIN, of a user of the user device,deriving a symmetric key from the PIN,encrypting the OTP key using the derived symmetric key,storing the encrypted OTP key in the unsafe storagethe method further comprising the following steps, when the calculation of an OTP is required;

retrieving a PIN of a user of the user device,decrypting the stored OTP key using the derived symmetric key, andusing said decrypted OTP key and an incremental parameter to generate a next OTP,wherein the start value of the incremental parameter of the OTP generation is random.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in a user device having access to an unsafe storage including the steps of retrieving a Personal Identification Number, named PIN, of a user of the user device, deriving a symmetric key from the PIN, encrypting the OTP key using the derived symmetric key, storing the encrypted OTP key in the unsafe storage, decrypting the OTP key using the derived symmetric key, and generating a next OTP key using an incremental parameter, wherein the start value of the incremental parameter of the OTP key generation is random.

141 Citations

9 Claims

1. Method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in a user device having access to an unsafe storage including the preliminary steps of:
- retrieving a Personal Identification Number, named PIN, of a user of the user device,deriving a symmetric key from the PIN,encrypting the OTP key using the derived symmetric key,storing the encrypted OTP key in the unsafe storagethe method further comprising the following steps, when the calculation of an OTP is required;
  
  retrieving a PIN of a user of the user device,decrypting the stored OTP key using the derived symmetric key, andusing said decrypted OTP key and an incremental parameter to generate a next OTP,wherein the start value of the incremental parameter of the OTP generation is random.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. Method according to claim 1, wherein the incremental parameter has values within an interval, and the start value of the incremental parameter of the OTP generation is a generated random value chosen in this interval.
  - 3. Method according to claim 2, wherein, the number of possible values for the incremental parameter is limited and the algorithm is such that a counter is not wrapped, the start value of the incremental parameter of the OTP generation is a random value chosen in a limited interval of possible values for the incremental parameter.
  - 4. Method according to claim 3, wherein, in the case the counter is incremented, the limited interval is one including lowest bits.
  - 5. Method according to claim 1, wherein, the OTP algorithm is time based, the start value of the incremental parameter of the OTP generation is a random start time lying in the range from time 0 to current time such that the number of calculated time steps effectively becomes random.
  - 6. Method according to claim 1, wherein the incremental parameter of the OTP generation is derived from a one-way internal state updated after each OTP generation.
  - 7. Method according to claim 6, wherein the derivation of the incremental parameter is a reduction of the internal state to a predetermined interval of bytes of the internal state.
  - 8. Method according to claim 6, wherein the derivation of the incremental parameter is a mix of a part of the internal state and of a monotonically incremented value.
  - 9. User device having access to an unsafe storage and implementing the method to manage a One Time Password key according to claim 1.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gemalto SA (Thales SA)
Original Assignee
Gemalto SA (Thales SA)
Inventors
LANSLER, Martin, PETIT, Sbastien, PIERQUIN, Guillaume

Granted Patent

US 10,164,954 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

H04L 63/067   using one-time keys cryptog...

H04L 63/0838   using one-time-passwords

H04L 9/0863   involving passwords or one-...

H04L 9/0869   involving random numbers or...

H04L 9/12   Transmitting and receiving ...

H04L 9/3226   using a predetermined code,...

H04L 9/3228   One-time or temporary data,...

METHOD TO MANAGE A ONE TIME PASSWORD KEY

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

141 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD TO MANAGE A ONE TIME PASSWORD KEY

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

141 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links