NETWORK NODE AUTHENTICATION

US 20180137512A1
Filed: 11/10/2017
Published: 05/17/2018
Est. Priority Date: 01/19/2016
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, by a microprocessor and from a computing device, a set of credentials to be validated and an electronic address;

providing, by the microprocessor to the computing device, a challenge token;

receiving, by the microprocessor from the computing device, a signed version of the challenge token, the signed version being signed by a private key associated with a user of the computing device;

successfully validating, by the microprocessor, that the signature of the signed version of the challenge token is associated with the user;

in response to the successful validation of the signature, generating, by the microprocessor, an obfuscated unique identity associated with the user or the user device made up or derived from the set of credentials and/or user device characteristics; and

causing, by the microprocessor, a digital distributed secure ledger to be updated to include the obfuscated unique identity.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication technique is disclosed that uses a distributed secure listing of transactions that includes encrypted data that can be used to authenticate a principal to a verifier.

185 Citations

20 Claims

1. A method, comprising:
- receiving, by a microprocessor and from a computing device, a set of credentials to be validated and an electronic address;
  
  providing, by the microprocessor to the computing device, a challenge token;
  
  receiving, by the microprocessor from the computing device, a signed version of the challenge token, the signed version being signed by a private key associated with a user of the computing device;
  
  successfully validating, by the microprocessor, that the signature of the signed version of the challenge token is associated with the user;
  
  in response to the successful validation of the signature, generating, by the microprocessor, an obfuscated unique identity associated with the user or the user device made up or derived from the set of credentials and/or user device characteristics; and
  
  causing, by the microprocessor, a digital distributed secure ledger to be updated to include the obfuscated unique identity.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the set of credentials comprises one or more key-value pairs for which validation is requested and a unique identifier of the computing device or associated with the user of the computing device.
  - 3. The method of claim 2, wherein the unique identifier is an electronic address of the computing device, wherein the receiving and providing steps use a private communication channel, and wherein the private key corresponds to one or more electronic addresses of the computing device or the user.
  - 4. The method of claim 1, wherein the obfuscated unique identity comprises one or more of an encrypted version of the unique identifier of the computing device and a unique identity of the user, wherein the obfuscated unique identity is generated by a crypto-variable, and further comprising:
    - transmitting the crypto-variable and/or obfuscated unique identity to the computing device of the user.
  - 5. The method of claim 4, wherein the crypto-variable is a salt used to enrich a salted hash function and wherein the salt enriched salted hash function generated the obfuscated unique identity.

6. A method, comprising:
- receiving, by a computing device of a verifier, a signed version of a token, a public electronic address of a computing device of a principal, and a crypto-variable;
  
  successfully validating, by the verifier computing device, that a key of the principal was used to sign the signed version of the token;
  
  in response to the successful validation that the key of the principal was used to sign the signed version of the token, determining, by the verifier computing device, a non-expired transaction in a digital distributed secure ledger corresponds to selected first and second electronic addresses, non-expired transaction in the digital distributed secure ledger comprising an obfuscated attribute; and
  
  verifying, by the verifier computing device, that the obfuscated attribute was derived from the crypto-variable.
- View Dependent Claims (7, 8, 9)
- - 7. The method of claim 6, further comprising:
    - sending, by the verifier computing device to the principal computing device, the token and one or more keys, each of the one or more keys corresponding to a part of the principal'"'"'s identity.
  - 8. The method of claim 7, wherein, in the receiving step, the verifier computing device further receives from the principal computing device, one or more attributes of or associated with the principal and wherein the obfuscated attribute comprises one or more of an encrypted version of a unique identifier of the principal computing device and a unique identity of the principal.
  - 9. The method of claim 8, wherein the crypto-variable is a salt used to enrich a salted hash function and wherein the salt enriched salted hash function generated the obfuscated unique identity.

10. A verification system, comprising:
- an arithmetic/logic unit (“
  
  ALU”
  
  ) to perform one or more mathematical operations and compare selected variables;
  
  a register to hold a value from a comparison of selected variables performed by the ALU;
  
  an instruction decoder to provide read and write commands to memory;
  
  an address bus to provide a location address to memory for a read or write operation; and
  
  a data bus to provide or access data for a write or read operation to or from memory, wherein;
  
  as a part of a transaction, the ALU continuously and automatically;
  
  receives, from a computing device, a set of credentials to be validated and an electronic address;
  
  provides, to the computing device, a challenge token;
  
  receives, from the computing device, a signed version of the challenge token, the signed version being signed by a private key associated with a user of the computing device;
  
  successfully validates, by comparison of the received version of the challenge token with a version of the challenge token generated by the ALU using the private key, that the signature of the signed version of the challenge token is associated with the user;
  
  in response to the successful validation of the signature, generates an obfuscated unique identity associated with the user or the user device made up or derived from the set of credentials and/or user device characteristics; and
  
  causes a digital distributed secure ledger to be updated to include the obfuscated unique identity.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The system of claim 10, wherein the set of credentials comprises one or more key-value pairs for which validation is requested and a unique identifier of the computing device or associated with the user of the computing device.
  - 12. The system of claim 11, wherein the unique identifier is an electronic address of the computing device, wherein the receiving and providing operations use a private communication channel, and wherein the private key corresponds to one or more electronic addresses of the computing device or the user.
  - 13. The system of claim 10, wherein the obfuscated unique identity comprises one or more of an encrypted version of the unique identifier of the computing device and a unique identity of the user, wherein the obfuscated unique identity is generated by a crypto-variable, and wherein the ALU transmits the crypto-variable and/or obfuscated unique identity to the computing device of the user.
  - 14. The system of claim 13, wherein the crypto-variable is a salt used to enrich a salted hash function and wherein the salt enriched salted hash function generated the obfuscated unique identity.

15. A system, comprising:
- an arithmetic/logic unit (“
  
  ALU”
  
  ) to perform one or more mathematical operations and compare selected variables;
  
  a register to hold a value from a comparison of selected variables performed by the ALU;
  
  an instruction decoder to provide read and write commands to memory;
  
  an address bus to provide a location address to memory for a read or write operation; and
  
  a data bus to provide or access data for a write or read operation to or from memory, wherein;
  
  as a part of a transaction, the ALU continuously and automatically;
  
  receives a signed version of a token, a public electronic address of a computing device of a principal, and a crypto-variable;
  
  successfully validates, by comparison of the received version of the token with a version of the token generated by the ALU using a key of the principal, that a key of the principal was used to sign the signed version of the token;
  
  in response to the successful validation that the key of the principal was used to sign the signed version of the token, determines a non-expired transaction in a digital distributed secure ledger corresponds to selected first and second electronic addresses, non-expired transaction in the digital distributed secure ledger comprising an obfuscated attribute; and
  
  verifies that the obfuscated attribute was derived from the crypto-variable.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein the ALU sends, to the principal computing device, the token and one or more keys, each of the one or more keys corresponding to a part of the principal'"'"'s identity.
  - 17. The system of claim 16, wherein the ALU further receives from the principal computing device, one or more attributes of or associated with the principal and wherein the obfuscated attribute comprises one or more of an encrypted version of a unique identifier of the principal computing device and a unique identity of the principal.
  - 18. The system of claim 17, wherein the crypto-variable is a salt used to enrich a salted hash function and wherein the salt enriched salted hash function generated the obfuscated unique identity.
  - 19. The method of claim 18, wherein, in response to the successful completion of the verifying step, an information provider provides restricted information to the verifier computing device.
  - 20. The system of claim 15, wherein, in response to the successful completion of the verifying operation, an information provider provides restricted information to the verifier computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Zact, Inc.
Original Assignee
Priv8Pay, Inc.
Inventors
GEORGIADIS, Ioannis, HARIHARAN, Gopalakrishnan, THOMAS, John K.

Granted Patent

US 11,004,072 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06Q 20/065   using e-cash

G06Q 20/3829   involving key management

G06Q 20/4014   Identity check for transact...

G06Q 2220/00   Business processing using c...

G06Q 50/184   Intellectual property manag...

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 2209/42   Anonymization, e.g. involvi...

H04L 63/0407   wherein the identity of one...

H04L 63/08   for authentication of entit...

H04L 63/126   the source of the received ...

H04L 9/0819   Key transport or distributi...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/085   Secret sharing or secret sp...

H04L 9/14   using a plurality of keys o...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3236   using cryptographic hash fu...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3271   using challenge-response

H04L 9/50   using hash chains, e.g. blo...

NETWORK NODE AUTHENTICATION

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

185 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

NETWORK NODE AUTHENTICATION

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

185 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links