Tamper resistant method and apparatus
First Claim
Patent Images
1. A tamper resistant method for securing a user'"'"'s data comprising:
- initializing the presence of at least one user on a tamper resistant networked device using a first protocol; and
establishing routine operations by the user on the network using a second protocol, wherein the first protocol comprises;
the user sending a message to a network server;
the server verifying the presence of a user record;
the server creating a new record if an existing record does not exist;
the server sending a random challenge to the user;
the user signing the random challenge and sending the signed random challenge to the server;
the server verifying the user signature and thereafter generating a session key for the initialization protocol, the server further signing the session key and sending the key back to the user;
the user choosing a passphrase, encrypting the passphrase and sending the encrypted passphrase back to the server; and
the server generating a symmetric key, the symmetric key encrypted by the server and sent to the user.
3 Assignments
0 Petitions
Accused Products
Abstract
A method for securing data in a tamper resistant fashion on a computer connected to a network. The presence of a user on a network is established using one protocol with routine operations conducted by the user on the network using a second protocol. Public and private key encryption is used to establish the validity of both the user and the server on the network user on the network. Keys are passed only after verification of the authenticity of the user on the network.
-
Citations
18 Claims
-
1. A tamper resistant method for securing a user'"'"'s data comprising:
-
initializing the presence of at least one user on a tamper resistant networked device using a first protocol; and establishing routine operations by the user on the network using a second protocol, wherein the first protocol comprises; the user sending a message to a network server; the server verifying the presence of a user record; the server creating a new record if an existing record does not exist; the server sending a random challenge to the user; the user signing the random challenge and sending the signed random challenge to the server; the server verifying the user signature and thereafter generating a session key for the initialization protocol, the server further signing the session key and sending the key back to the user; the user choosing a passphrase, encrypting the passphrase and sending the encrypted passphrase back to the server; and the server generating a symmetric key, the symmetric key encrypted by the server and sent to the user. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
2. A tamper resistant method for securing a user'"'"'s data comprising:
-
initializing the presence of at least one user on a tamper resistant networked device using a first protocol; and establishing routine operations by the user on the network using a second protocol, wherein the second protocol comprises; the user providing a passphrase to open a user workstation; the user sending a first message to a network server identifying the presence of the user on the network; the server looking up the record of the user to verify the user is permitted access; the server generating a random challenge to the user; the user signing the challenge and sending the signed challenge back to the server; the server checking the signed challenge; the server generating a temporary symmetric key and sending the temporary symmetric key back to the user, enciphered in a confidentiality key of the user'"'"'s known to the server; the user receiving the temporary symmetric key; the user generating a random challenge to the server, the user encrypting the random challenge using the temporary symmetric key; the server signing the challenge from the user and encrypting the signed challenge using the temporary symmetric key; the user verifying the signature on the challenge from the server; the user encrypting the users passphrase using the temporary symmetric key and sending the encrypted passphrase to the server; the server decrypting the encrypted passphrase and checking the passphrase against a record of the users passphrase stored in the server; and
, if that passphrase is correct;the server sending a symmetric key to the user for subsequent use. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneePayPal, Inc. (PayPal Holdings, Inc.), Paypal International Limited (PayPal Holdings, Inc.)
-
Original AssigneeCybercash, Inc. (VeriSign, Inc.)
-
InventorsEllison, Carl
-
Primary Examiner(s)Barron, Jr., Gilberto
-
Application NumberUS08/965,595Time in Patent Office943 DaysField of Search380/21, 380/24, 380/25, 380/279, 380/281, 380/283, 380/284, 705/66, 705/70, 705/64, 705/71, 705/67, 705/77, 713/171, 713/172, 713/183, 713/185US Class Current713/171CPC Class CodesG06F 21/31 User authenticationG06Q 20/085 involving remote charge det...G06Q 20/3674 involving authenticationG06Q 20/3829 involving key managementH04L 63/0442 wherein the sending and rec...H04L 63/061 for key exchange, e.g. in p...H04L 63/083 using passwords cryptograph...
