
Localized network authentication and security using tamper-resistant keys

  • US 7,853,788 B2
  • Filed: 12/13/2007
  • Issued: 12/14/2010
  • Est. Priority Date: 10/08/2002
  • Status: Active Grant
First Claim

1. A method of authenticating computing devices on a communications network, the method comprising the steps of:

  • receiving a first encrypted challenge from a computing device, wherein said first encrypted challenge comprises a first random number and a computing device identifier associated with said computing device, said first encrypted challenge being encrypted with a first network cryptographic key;
  • decrypting the first encrypted challenge with a second network cryptographic key, and extracting the first random number and the computing device identifier;
  • obtaining a first secret cryptographic key associated with said computing device identifier, and encrypting said first random number with said first secret cryptographic key;
  • generating a second random number;
  • transmitting a second challenge to said computing device, wherein said second challenge comprises said encrypted first random number and said second random number;
  • decrypting said encrypted first random number with said first secret cryptographic key;
  • determining whether said decrypted first random number corresponds to said first random number;
  • in response to said decrypted first random number not corresponding to said first random number, said communications device aborting authentication; and
  • in response to said decrypted first random number corresponding to said first random number, generating a third challenge, wherein said third challenge comprises said second random number encrypted with said first secret cryptographic key;
  • receiving said third challenge;
  • decrypting said encrypted second random number with said first secret cryptographic key; and
  • determining whether said decrypted second random number corresponds to said second random number;
  • in response to said decrypted second random number not corresponding to said second random number, storing an address identifier associated with the computing device in a database for unauthorized computing devices; and
  • in response to said decrypted second random number corresponding to said second random number, storing an address identifier associated with the computing device in a database for authorized computing devices.
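The three-message exchange of claim 1, modelled end to end with both sides' messages, as an added example that is not the patent's own code (the claim names no cipher). Assumptions: an HMAC-SHA256 keystream stands in for the cipher, so the first and second network keys are the same symmetric key; the address identifier is the source address the server sees; `Device`, `Server`, `run` and the `honest` flag (which lets a device skip its own check so the server's reject path can be exercised) are illustrative names.

```python
import hashlib, hmac, secrets
NONCE_LEN = R_LEN = 16  # stand-in cipher nonce size; size of each random number

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (an assumption, not the patent's): HMAC-SHA256 keystream in counter mode
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)
def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(NONCE_LEN)
    return nonce + _xor_stream(key, nonce, plaintext)  # fresh nonce || ciphertext
def decrypt(key: bytes, blob: bytes) -> bytes:
    return _xor_stream(key, blob[:NONCE_LEN], blob[NONCE_LEN:])

class Device:
    def __init__(self, device_id: bytes, secret_key: bytes, network_key: bytes, honest: bool = True):
        self.id, self.ks, self.kn, self.honest = device_id, secret_key, network_key, honest
    def first_challenge(self) -> bytes:
        self.r1 = secrets.token_bytes(R_LEN)
        return encrypt(self.kn, self.r1 + self.id)  # R1 || device id under the first network key
    def third_challenge(self, enc_r1: bytes, r2: bytes):
        # honest=False models a device that skips its own check, to exercise the server's reject path
        if self.honest and decrypt(self.ks, enc_r1) != self.r1:
            return None  # claim: abort authentication
        return encrypt(self.ks, r2)  # R2 under the device's secret key

class Server:
    def __init__(self, network_key: bytes, device_keys: dict):
        self.kn, self.keys = network_key, device_keys  # second network key (same as first in this symmetric model)
        self.authorized, self.unauthorized, self.pending = set(), set(), {}
    def second_challenge(self, addr: str, enc_challenge: bytes):
        pt = decrypt(self.kn, enc_challenge)
        r1, device_id = pt[:R_LEN], pt[R_LEN:]
        ks = self.keys[device_id]  # unknown id raises KeyError; the claim does not cover that case
        r2 = secrets.token_bytes(R_LEN)
        self.pending[addr] = (ks, r2)
        return encrypt(ks, r1), r2
    def finish(self, addr: str, enc_r2: bytes) -> bool:
        ks, r2 = self.pending.pop(addr)
        ok = hmac.compare_digest(decrypt(ks, enc_r2), r2)
        (self.authorized if ok else self.unauthorized).add(addr)  # address goes to one of the two databases
        return ok

def run(server: Server, device: Device, addr: str) -> str:
    enc_r1, r2 = server.second_challenge(addr, device.first_challenge())
    third = device.third_challenge(enc_r1, r2)
    return "aborted" if third is None else ("authorized" if server.finish(addr, third) else "unauthorized")
```

A device holding the wrong secret key aborts at the second challenge and lands in neither database; only a device that answers with a wrong key anyway is recorded as unauthorized.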
