Hardware Cryptographic Authentication
Abstract
An example method of establishing an authenticated session between two communicating devices includes establishing, by a first processor of a first device, a secure connection with a second device over the network using a communications protocol; receiving, by the first processor, an identity authentication request from the second device; passing, by the first processor, the identity authentication request to a second processor located on an authentication chip of the first device; generating, by the second processor using one or more authentication code functions stored on the authentication chip, one or more authentication codes using a unique serial number of the first device and an authentication key, both stored on the authentication chip; providing, by the second processor, the one or more generated authentication codes to the first processor; and sending, by the first processor, a response to the second device that includes the one or more generated authentication codes.
24 Claims
1. A device capable of communications with one or more other devices via a communications network, the device comprising:
a first processor;
a communication system for two-way communications with the one or more other devices on the network, the communication system communicably connected with the first processor; and
an authentication chip communicatively connectable with the first processor and the communication system, the authentication chip having:
a second processor; and
a memory communicably connected to the second processor for storing a unique serial number for the device, a key, wherein the key is to be written once and never read by the first processor, and one or more authentication code functions,
wherein the first processor is configured to, after a secure data transport session is established between the device and an other device of the one or more devices that attempts to communicate with the device over the network, receive an authentication request from the other device and pass the authentication request to the second processor; and
wherein the second processor is configured to, in response to the authentication request, execute one or more of the authentication code functions to generate one or more authentication codes using the unique serial number of the device and the key; and provide the one or more generated authentication codes to the first processor to be provided in a response to the other device over the network.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A method of establishing a secure and authenticated connection between two devices in communication via a network, the method comprising:
establishing, by a first processor of a first device, a secure connection with a second device over the network using a communications protocol;
receiving, by the first processor, an identity authentication request from the second device;
passing, by the first processor, the identity authentication request to a second processor located on an authentication chip of the first device;
generating, by the second processor using one or more authentication code functions stored on the authentication chip, one or more authentication codes using a unique serial number of the first device and an authentication key, the unique serial number and the authentication key both stored on the authentication chip;
providing, by the second processor, the one or more generated authentication codes to the first processor; and
sending, by the first processor, a response to the second device that includes the one or more generated authentication codes.
Dependent claims: 9, 10, 11, 12.
13. At least one non-transitory computer-readable medium having computer program logic stored thereon, the computer program logic including instructions to cause processors of a first device to:
establish, by a first processor, a secure connection with a second device over a network using a communications protocol;
receive, by the first processor, an identity authentication request from the second device;
pass, by the first processor, the identity authentication request to a second processor located on an authentication chip of the first device;
generate, by the second processor using one or more authentication code functions stored on the authentication chip, one or more authentication codes using a unique serial number of the first device and an authentication key, the unique serial number and the authentication key both stored on the authentication chip;
provide, by the second processor, the one or more generated authentication codes to the first processor; and
send, by the first processor, a response to the second device that includes the one or more generated authentication codes.
Dependent claims: 14, 15, 16, 17.
18. An authentication chip of a device capable of communications with other devices on a network, the authentication chip comprising:
an authentication processor; and
a memory communicably connected to the authentication processor for storing a unique serial number for the device, a key, wherein the key is to be written once and never read by a main processor of the device, and one or more authentication code functions,
wherein the authentication processor is configured to:
receive an authentication request from a main processor of the device, the authentication request received by the main processor from an other device on the network after a secure data transport session was established between the device and the other device;
execute the one or more authentication code functions to generate one or more authentication codes, in response to the authentication request, using the unique serial number and the key; and
provide the one or more generated authentication codes to the main processor to be provided in a response to the other device over the network.
Dependent claims: 19, 20, 21, 22, 23, 24.
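The exchange the abstract and claims 1, 8 and 18 describe, as an added simulation that is not part of the patent or any vendor's implementation: a main processor forwards an authentication request to an authentication chip that holds a write-once key with no read path, the chip returns an authentication code bound to the device serial number, and the remote device verifies it. Everything not stated in the claims is an assumption made here: HMAC-SHA256 as the authentication code function, a random challenge carried in the request (so a captured response cannot be replayed), a verifier that knows each serial number's provisioned key, and the secure transport session treated as already established and out of scope. The name-mangled key attribute is a software stand-in for hardware key isolation, not a real security boundary.

```python
"""Added simulation of the two-processor authentication flow (not the patent's code)."""
import hashlib
import hmac
import os


class AuthChip:
    """Stand-in for the authentication chip: serial number, write-once key, one MAC
    function. There is deliberately no method that returns the key."""

    def __init__(self, serial: bytes):
        self.serial = serial
        self.__key = None  # name-mangled: approximates "never read by the first processor"

    def provision_key(self, key: bytes) -> None:
        """Write the key exactly once (e.g. at manufacture); any later write fails."""
        if self.__key is not None:
            raise PermissionError("key already written; the key slot is write-once")
        self.__key = bytes(key)

    def authenticate(self, challenge: bytes) -> bytes:
        """Authentication code function. Assumed construction: HMAC-SHA256(key, serial || challenge).
        Including the serial number binds the code to this device's identity."""
        if self.__key is None:
            raise RuntimeError("chip has not been provisioned")
        return hmac.new(self.__key, self.serial + challenge, hashlib.sha256).digest()


class MainProcessor:
    """The 'first processor': owns the network session, forwards requests, never sees the key."""

    def __init__(self, chip: AuthChip):
        self.chip = chip

    def handle_auth_request(self, request: dict) -> dict:
        # The secure transport session (e.g. TLS) is assumed to be established already.
        code = self.chip.authenticate(request["challenge"])
        return {"serial": self.chip.serial, "code": code}


class Verifier:
    """The 'other device': knows which key each serial number was provisioned with."""

    def __init__(self, key_db: dict):
        self.key_db = key_db
        self.outstanding = set()  # challenges issued but not yet consumed

    def make_request(self) -> dict:
        challenge = os.urandom(16)  # fresh per request (assumption); defeats replay
        self.outstanding.add(challenge)
        return {"type": "identity_authentication_request", "challenge": challenge}

    def verify(self, request: dict, response: dict) -> bool:
        challenge = request["challenge"]
        if challenge not in self.outstanding:
            return False  # unknown or already-consumed challenge
        self.outstanding.discard(challenge)  # single use
        key = self.key_db.get(response["serial"])
        if key is None:
            return False  # serial number was never provisioned
        expected = hmac.new(key, response["serial"] + challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response["code"])


def run_session(verifier: Verifier, device: MainProcessor) -> bool:
    """One request/response exchange over the (simulated) secure session."""
    request = verifier.make_request()
    response = device.handle_auth_request(request)
    return verifier.verify(request, response)


def demo() -> dict:
    """Genuine device, clone with the wrong key, replayed response, second key write,
    and a host attempt to read the key. All identifiers and keys are constructed."""
    serial, key = b"SN-000001", os.urandom(32)
    chip = AuthChip(serial)
    chip.provision_key(key)  # the single permitted write
    device, verifier = MainProcessor(chip), Verifier({serial: key})
    results = {"genuine_accepted": run_session(verifier, device)}

    clone = AuthChip(serial)  # same serial number, attacker-chosen key
    clone.provision_key(os.urandom(32))
    results["clone_rejected"] = not run_session(verifier, MainProcessor(clone))

    req1 = verifier.make_request()
    resp1 = device.handle_auth_request(req1)
    verifier.verify(req1, resp1)  # legitimate first use of resp1
    req2 = verifier.make_request()
    results["replay_rejected"] = not verifier.verify(req2, resp1)

    try:
        chip.provision_key(os.urandom(32))
        results["rewrite_rejected"] = False
    except PermissionError:
        results["rewrite_rejected"] = True

    results["key_readable_by_host"] = hasattr(chip, "key")
    return results
```

Running `demo()` shows the genuine device accepted and the clone, the replayed response and the second key write all rejected; the verifier's check is the same MAC computation, which is why the verifier must hold (or derive) the per-serial key and why the chip's write-once, no-read slot is the property the claims rest on.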