Human input security codes
First Claim
1. One or more computer storage media having computer executable instructions, that when implemented, perform a method for generating a security code for communication by a human user to a device, the method comprising:
a) generating by a computing device a hash value based on a combination of a modifier and a first data value;
b) repeating the operations of generating a hash value to generate a plurality of hash values, wherein each time the generating operation is repeated the modifier is changed;
c) terminating the repeating when a termination condition is met, the termination condition comprising a time parameter specifying a time limit for the repeating operation and further comprising a probability below a probability threshold that a more secure hash value will be generated within a remaining time of the time limit;
d) selecting by a computing device a second hash value from the plurality of hash values;
e) generating by a computing device a first hash value based on a combination of the modifier associated with the second hash value and a second data value;
f) generating by a computing device a security code for communication by the human user, the security code containing at least a portion of the first hash value; and
g) communicating by a computing device the security code to the human user.
Abstract
The hash extension technique used to generate an ECGA may be used to increase the strength of one-way hash functions and/or decrease the number of bits in any situation where some external requirement limits the number of hash bits, and that limit is below what is (or may be in the future) considered secure against brute-force attacks. For example, to decrease the length of human entered security codes (and maintain the same security), and/or to increase the strength of a human entered security code (and maintain the length of the security code), the security code may be generated and/or authenticated using an extended hash method.
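The steps of the first claim and the check a receiving device would run, sketched in Python as an added example (not code from the patent). Assumptions: SHA-256 as the hash, "more secure" taken to mean more leading zero bits as in CGA hash extension (RFC 3972), the `H1`/`H2` tags that keep the two hashes distinct, a code format that carries the zero-bit count, and all function and parameter names.

```python
import hashlib, time

def _h(tag: bytes, modifier: int, data: bytes) -> bytes:
    # Assumed input layout: tag || 128-bit modifier || data.
    return hashlib.sha256(tag + modifier.to_bytes(16, "big") + data).digest()

def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def p_better(best_zeros: int, trials_left: float) -> float:
    # Chance that at least one remaining trial has more leading zeros than the best so far.
    return 1.0 - (1.0 - 2.0 ** -(best_zeros + 1)) ** trials_left

def generate(data: bytes, time_limit=0.05, p_threshold=0.01, code_bytes=5):
    start, modifier, best_mod, best_zeros = time.monotonic(), 0, 0, -1
    while True:
        zeros = leading_zero_bits(_h(b"H2", modifier, data))  # candidate "second hash value"
        if zeros > best_zeros:
            best_mod, best_zeros = modifier, zeros
        modifier += 1                      # the modifier changes on every repetition
        if modifier % 512:
            continue                       # look at the clock every 512 trials
        elapsed = time.monotonic() - start
        remaining = time_limit - elapsed
        if remaining <= 0:
            break                          # time limit reached
        rate = modifier / max(elapsed, 1e-9)
        if p_better(best_zeros, rate * remaining) < p_threshold:
            break                          # a better hash in the time left is unlikely
    first = _h(b"H1", best_mod, data)      # "first hash value", same modifier
    # The code carries the zero-bit count so the verifier knows how much work to demand.
    return best_mod, f"{best_zeros:02d}-{first[:code_bytes].hex()}"

def verify(data: bytes, modifier: int, code: str, min_zeros=0, code_bytes=5) -> bool:
    claimed, _, digits = code.partition("-")
    if not claimed.isdecimal() or int(claimed) < min_zeros:
        return False                       # malformed, or below the device's policy
    if len(digits) != 2 * code_bytes:
        return False                       # a shortened code must not be accepted
    if leading_zero_bits(_h(b"H2", modifier, data)) < int(claimed):
        return False                       # the claimed work was not done for this data
    return _h(b"H1", modifier, data)[:code_bytes].hex() == digits.lower()

if __name__ == "__main__":
    key = b"constructed sample public key"  # constructed input
    mod, code = generate(key)
    print(code, verify(key, mod, code), verify(b"substituted key", mod, code))
```

Substituting different data under the same code costs on the order of 2^(zeros + 40) hash computations here, so the device-side `min_zeros` policy is what stops a forged code from claiming a low zero count.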
18 Claims
1. One or more computer storage media having computer executable instructions, that when implemented, perform a method for generating a security code for communication by a human user to a device, the method comprising:
a) generating by a computing device a hash value based on a combination of a modifier and a first data value;
b) repeating the operations of generating a hash value to generate a plurality of hash values, wherein each time the generating operation is repeated the modifier is changed;
c) terminating the repeating when a termination condition is met, the termination condition comprising a time parameter specifying a time limit for the repeating operation and further comprising a probability below a probability threshold that a more secure hash value will be generated within a remaining time of the time limit;
d) selecting by a computing device a second hash value from the plurality of hash values;
e) generating by a computing device a first hash value based on a combination of the modifier associated with the second hash value and a second data value;
f) generating by a computing device a security code for communication by the human user, the security code containing at least a portion of the first hash value; and
g) communicating by a computing device the security code to the human user.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer-implemented method comprising:
a) generating by a computing device a hash value based on a combination of a modifier and a first data value; and repeating the operations of generating a hash value to generate a plurality of hash values, wherein each time the generating operation is repeated the modifier is changed;
b) terminating the computing when a termination condition is met, the termination condition comprising a time parameter specifying a time limit for the repeating operation and further comprising a probability below a probability threshold that a more secure hash value will be generated within a remaining time of the time limit;
c) selecting by the computing device a second hash value from the plurality of hash values;
d) computing by the computing device a first hash value using a first hash function, wherein an input to the first hash function includes a concatenation of the data value and the modifier used in computing the second hash value, the first hash value being different from the second hash value;
e) setting by the computing device at least a portion of a security code to a portion of the first hash value, the security code being usable by a human user to authenticate the data value to a device; and
f) communicating by the computing device the security code to the human user.
Dependent claims: 9, 10, 11, 12, 13, 14, 15
16. A computing device comprising:
a computer processor for executing computer executable instructions; and
a computer storage medium storing computer executable instructions that when executed by the computer processor perform a method comprising;
generating a hash value based on a combination of a modifier and a first data value; and repeating the operations of generating a hash value to generate a plurality of hash values, wherein each time the generating operation is repeated the modifier is changed;
terminating the computing when a termination condition is met, the termination condition comprising a time parameter specifying a time limit for the repeating operation and further comprising a probability below a probability threshold that a more secure hash value will be generated within a remaining time of the time limit;
selecting a second hash value from the plurality of hash values;
computing a first hash value using a first hash function, wherein an input to the first hash function includes a concatenation of the data value and the modifier used in computing the second hash value, the first hash value being different from the second hash value;
setting at least a portion of a security code to a portion of the first hash value, the security code being usable by a human user to authenticate the data value to a device; and
communicating the security code to the human user.
Dependent claims: 17, 18
Specification