Method of authentication based on intersection of password sets

US 6,128,742 A
Filed: 02/17/1998
Issued: 10/03/2000
Est. Priority Date: 02/17/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method of authenticating the identity of a particular party involved in communicating over a computer network system, the method comprising the steps of:

providing a first party with a first password set, the first password set being stored on a first storage device of the first party;

providing a second party with a second password set, the second password set being stored on a second storage device of the second party;

transmitting an authentication message based on the first password set from the first party to the second party; and

authenticating the identity of the first party by the second party for further communications over the computer network if it is demonstrated, based on an analysis of the authentication message, that the first and second password sets contain at least one common password.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is disclosed a method of authenticating the identity of a first party involved in communicating over a computer network system. The method comprises the steps of: providing the first party with a first password set; providing a second party with a second password set; transmitting an authentication message based on the first password set from the first party to the second party; and authenticating the identity of the first party by the second party for further communications over the computer network if it is demonstrated, based on an analysis of the authentication message, that the first and second password sets contain at least one common password.

86 Citations

View as Search Results

26 Claims

1. A method of authenticating the identity of a particular party involved in communicating over a computer network system, the method comprising the steps of:
- providing a first party with a first password set, the first password set being stored on a first storage device of the first party;
  
  providing a second party with a second password set, the second password set being stored on a second storage device of the second party;
  
  transmitting an authentication message based on the first password set from the first party to the second party; and
  
  authenticating the identity of the first party by the second party for further communications over the computer network if it is demonstrated, based on an analysis of the authentication message, that the first and second password sets contain at least one common password.
- View Dependent Claims (2, 3, 4, 21)
- - 2. A method of updating password sets used to authenticate the identity of a party involved in communicating over a computer network system according to the method of claim 1, wherein the first and second password sets include one or more initial common passwords, the method of updating password sets comprising the steps of:
    - updating the second password set with one or more new passwords; and
      
      updating the first password set with the one or more new passwords after updating the second password set.
  - 3. The method of claim 2, further comprising the step of deleting the one or more initial common passwords from the first password set after the step of updating the first password set.
  - 4. The method of claim 3, further comprising the step of deleting the one or more initial common passwords from the second password set after the step of deleting the one or more initial common passwords from the first password set.
  - 21. The method of claim 1, wherein, if the first and second password sets contain at least one common member, further comprising the steps of:
    - transmitting a further authentication message, which is based on the second password set, from the second party to the first party; and
      
      authenticating the identity of the second party by the first party if, based on the analysis of the further authentication message, the first party determines that the first and second password sets contain at least one common member.

5. A method of authenticating the identity of a particular party involved in communicating over a computer network system, the method comprising the steps of:
- providing a first party with a first password set, the first password set being stored on a first storage device of the first party;
  
  providing a second party with a second password set, the second password set being stored on a second storage device of the second party;
  
  transmitting the first password set from the first party to the second party;
  
  comparing the first password set with the second password set by the second party; and
  
  authenticating the identity of the first party by the second party for further communications over the computer network if the first and second password sets contain at least one common password.
- View Dependent Claims (6, 7, 8, 22)
- - 6. A method of updating password sets used to authenticate the identity of a party involved in communicating over a computer network system according to the method of claim 5, wherein the first and second password sets include one or more initial common passwords, the method of updating password sets comprising the steps of:
    - updating the second password set with one or more new passwords; and
      
      updating the first password set with the one or more new passwords after updating the second password set.
  - 7. The method of claim 6, further comprising the step of deleting the one or more initial common passwords from the first password set after the step of updating the first password set.
  - 8. The method of claim 7, further comprising the step of deleting the one or more initial common passwords from the second password set after the step of deleting the one or more initial common passwords from the first password set.
  - 22. The method of claim 5, wherein, if the first and second modified password sets contain the at least one common member, further comprising the steps of:
    - transmitting a further authentication message from the second party to the first party; and
      
      after the further authentication message is transmitted, authenticating the identity of the second party if the first party determines that the first and second password sets contain at least one common member.

9. A method of authenticating the identity of a particular party involved in communicating over a computer network system, the method comprising the steps of:
- providing a first party with a first password set;
  
  providing a second party with a second password set;
  
  forming a first modified password set by operating on the first password set with a predetermined function by the first party;
  
  forming a second modified password set by operating on the second password set with the predetermined function by the second party;
  
  transmitting the first modified password set from the first party to the second party;
  
  comparing the first modified password set with the second modified password set by the second party; and
  
  authenticating the identity of the first party by the second party for further communications over the computer network if the first and second modified password sets contain at least one common password.
- View Dependent Claims (10, 11, 12, 23)
- - 10. A method of updating password sets used to authenticate the identity of a party involved in communicating over a computer network system according to the method of claim 9, wherein the first and second password sets include one or more initial common passwords, the method of updating password sets comprising the steps of:
    - updating the second password set with one or more new passwords; and
      
      updating the first password set with the one or more new passwords after updating the second password set.
  - 11. The method of claim 10, further comprising the step of deleting the one or more initial common passwords from the first password set after the step of updating the first password set.
  - 12. The method of claim 11, further comprising the step of deleting the one or more initial common passwords from the second password set after the step of deleting the one or more initial common passwords from the first password set.
  - 23. The method of claim 9, wherein, if the first and second modified password sets contain at least one common member, further comprising the steps of:
    - forming a third modified password set by operating on the first password set with a further predetermined function by the first party;
      
      forming a fourth modified password set by operating on the second password set with the further predetermined function by the second party;
      
      transmitting the fourth modified password set from the second party to the first party; and
      
      authenticating the identity of the second party if the first party determines that the third and fourth modified password sets contain at least one common member.

13. A method of authenticating the identity of a particular party involved in communicating over a computer network system, the method comprising the steps of:
- providing a first party with a first password set;
  
  providing a second party with a second password set;
  
  generating a first random challenge value by the second party;
  
  transmitting the first random challenge value to the first party;
  
  forming a first modified password set from the first password set by the first party using the first random challenge value;
  
  forming a second modified password set from the second password set by the second party using the first random challenge value;
  
  transmitting the first modified password set to the second party;
  
  comparing the first and second modified password sets by the second party; and
  
  authenticating the identity of the first party by the second party if the first and second modified password sets contain at least one common member.
- View Dependent Claims (14, 15, 16, 17, 18, 24)
- - 14. The method of claim 13, wherein the step of forming a first modified password set comprises forming a first hash set by operating on each member of the first password set with a one-way hash function and the first random challenge value;
    - and wherein the step of forming a second modified password set comprises forming a second hash set by operating on each member of the second password set with the one-way hash function and the first random challenge value.
  - 15. The method of claim 13, wherein, if the first and second modified password sets contain at least one common member, further comprising the steps of:
    - generating a second random challenge value by the first party;
      
      transmitting the second random challenge value to the second party;
      
      forming a third modified password set from the first password set by the first party using the second random challenge value;
      
      forming a fourth modified password set from the second password set by the second party using the second random challenge value;
      
      transmitting the fourth modified password set to the first party;
      
      comparing the third and fourth modified password sets; and
      
      authenticating the identity of the second party by the first party if the third and fourth modified password sets contain at least one common member.
  - 16. A method of updating password sets used to authenticate the identity of a party involved in communicating over a computer network system according to the method of claim 13, wherein the first and second password sets include one or more initial common passwords, the method of updating password sets comprising the steps of:
    - updating the second password set with one or more new passwords; and
      
      updating the first password set with the one or more new passwords after updating the second password set.
  - 17. The method of claim 16, further comprising the step of deleting the one or more initial common passwords from the first password set after the step of updating the first password set.
  - 18. The method of claim 17, further comprising the step of deleting the one or more initial common passwords from the second password set after the step of deleting the one or more initial common passwords from the first password set.
  - 24. The method of claim 13, wherein, if the first and second modified password sets contain at least one common member, further comprising the steps of:
    - generating a second random challenge value by the first party;
      
      transmitting the second random challenge value to the second party;
      
      forming a third modified password set from the first password set by the first party using the second random challenge value;
      
      forming a fourth modified password set from the second password set by the second party using the second random challenge value;
      
      transmitting the fourth modified password set from the second party to the first party; and
      
      authenticating the identity of the second party if the first party determines that the third and fourth modified password sets contain at least one common member.

19. A method of authenticating the identity of a particular party involved in communicating over a computer network system, the method comprising the steps of:
- providing a first party with a first password set;
  
  providing a second party with a second password set;
  
  transmitting a first authentication message, which is based on the first password set and a predetermined criteria, from the first party to a third party;
  
  transmitting a second authentication message which is based on the second password set and the predetermined criteria, from the second party to the third party; and
  
  authenticating the identity of the first party by the third party for further communications over the computer network if it is demonstrated, based on an analysis of the first and second authentication messages, that the first and second password sets contain at least one common password.
- View Dependent Claims (25)
- - 25. The method of claim 19, wherein, if the first and second password sets contain at least one common member, further comprising the steps of:
    - transmitting a further authentication message from the second party to the first party;
      
      transmitting a third authentication message, which is based on the first password set and a further predetermined criteria, from the first party to a third party;
      
      transmitting a fourth authentication message, which is based on the second password set and the further predetermined criteria, from the second party to the third party; and
      
      authenticating the identity of the second party if, based on the analysis of the third and fourth authentication messages, the first party determines that the first and second password sets contain at least one common member.

20. A networked computer system comprising:
- a first terminal and a second terminal;
  
  the first terminal having stored therein a first password set and comprising;
  
  a first computing means for operating on the first password set with a predetermined function,a first comparing means for comparing the output of the first computing means with a transmitted set of values from the second terminal, anda first transmitting means for transmitting the output of the first computing means to the second terminal; and
  
  the second terminal having stored therein a second password set and comprising;
  
  a second computing means for operating on the second password set with the predetermined function,a second comparing means for comparing the output of the second computing means with a transmitted set of values from the first terminal, anda second transmitting means for transmitting the output of the second computing means to the first terminal.

26. A networked computer system, comprising:
- a first terminal; and
  
  a second terminal, wherein the first terminal has stored therein a first password set, and comprising;
  
  a first computing arrangement operating on the first password set using a predetermined function and generating a first output,a first comparing arrangement comparing the first output to a transmitted set of values from the second terminal, anda first transmitting arrangement transmitting the first output to the second terminal, and wherein the second terminal has stored therein a second password set, and comprising;
  
  a second computing arrangement operating on the second password set using the predetermined function and generating a second output,a second comparing arrangement comparing the second output to a transmitted set of values from the first terminal, anda second transmitting arrangement transmitting the second output to the first terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
BEA Systems Incorporated (Oracle Corporation)
Inventors
Felt, Edward Porter
Primary Examiner(s)
Iqbal, Nadeem

Application Number

US09/025,116
Time in Patent Office

959 Days
Field of Search

713/202, 713/200, 713/201, 380/4, 380/23, 380/25, 380/9, 380/29, 340/825.31, 340/825.34, 235/382.5, 235/380, 709/224, 709/225
US Class Current

726/5
CPC Class Codes

G06F 21/31   User authentication

H04L 63/083   using passwords cryptograph...

H04L 63/0869   for achieving mutual authen...

Method of authentication based on intersection of password sets

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

86 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Method of authentication based on intersection of password sets

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

86 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links