
Secure two-piece user authentication in a computer network

  • US 5,953,422 A
  • Filed: 12/31/1996
  • Issued: 09/14/1999
  • Est. Priority Date: 12/31/1996
  • Status: Expired due to Term
First Claim

1. A method for securely authenticating user identity in a computer network including a network server coupled to at least one network node capable of communicating with an external token that includes a cryptographic algorithm and an encryption key, the network node further incorporating a secure memory and an associated secure operating mode independent from the general memory and operating mode of the network node, the method comprising the steps of:

  • placing the network node into the secure operating mode, and while in the secure operating mode, performing the steps of;

    receiving a user password from a user in the network node;

    communicatively coupling the external token to the network node;

    providing the user password to the cryptographic algorithm stored in the token;

    encrypting the user password with the cryptographic algorithm and the encryption key to produce a network password;

    storing the network password within the secure memory; and

    exiting the secure operating mode; and

    performing the following steps for network access;

    encrypting the network password stored in secure memory using a network server public key creating an encrypted network password;

    communicating the encrypted network password to the network server;

    decrypting the encrypted network password in the network server using a network server private key corresponding to the network server public key; and

    comparing the decrypted network password or portions thereof to information maintained by the network server in order to verify user identity and/or determine network privileges accorded to the network password.
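
The message flow of claim 1, as an added example that is not part of the patent text: it shows that the server accepts a login only when both pieces, the user password and the token holding the key, are the right ones. Assumptions: HMAC-SHA256 stands in for the token's unspecified cryptographic algorithm, the server public-key step uses a constructed toy textbook-RSA key, the server's "information maintained" is modelled as a stored hash, and the names `Token`, `Node`, `Server` and `attempt` are hypothetical.

```python
import hashlib
import hmac

# Constructed toy server key pair: textbook (unpadded) RSA over two Mersenne
# primes, used only to stay stdlib-only. Not a secure key; real systems use
# RSA-OAEP from a vetted library.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # server private exponent

class Token:
    """External token: holds the key and the algorithm."""
    def __init__(self, key: bytes):
        self._key = key

    def transform(self, user_password: str) -> bytes:
        # Assumption: HMAC-SHA256 stands in for the claim's unspecified cipher.
        return hmac.new(self._key, user_password.encode(), hashlib.sha256).digest()

class Node:
    """Network node; _secure_memory models the claim's secure memory."""
    def secure_mode_login(self, token: Token, user_password: str) -> None:
        # Steps performed while in the secure operating mode.
        self._secure_memory = token.transform(user_password)

    def network_access_message(self) -> int:
        # Encrypt the stored network password under the server public key.
        return pow(int.from_bytes(self._secure_memory, "big"), E, N)

class Server:
    def __init__(self):
        self._enrolled = {}  # user -> SHA-256 of the network password

    def enroll(self, user: str, network_password: bytes) -> None:
        self._enrolled[user] = hashlib.sha256(network_password).digest()

    def verify(self, user: str, ciphertext: int) -> bool:
        m = pow(ciphertext, D, N)  # decrypt with the server private key
        if m.bit_length() > 256:   # not a 32-byte network password
            return False
        digest = hashlib.sha256(m.to_bytes(32, "big")).digest()
        return hmac.compare_digest(digest, self._enrolled.get(user, b""))

def attempt(server, user, token, password) -> bool:
    node = Node()
    node.secure_mode_login(token, password)
    return server.verify(user, node.network_access_message())
```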
