Method and apparatus for using a third party authentication server
First Claim
1. An authentication server comprising:
a memory, to store instructions for performing authentication; and
a processor, to execute the instructions, wherein the instructions cause the processor to have;
a comparison logic to receive, from a client, user authentication data, a record ID for a user, the record ID used to provide pseudonymity to the user, and a one-time key encrypted with a user's public key, the comparison logic to determine whether the user authentication data matches stored data associated with the record ID; and
a decryption logic to decrypt the one-time key with a private key associated with the record ID, and to return the decrypted one-time key to the client.
Abstract
A method and apparatus for a third party authentication server is described. The method includes receiving a record ID for a user, and a one-time key generated by the server and encrypted with a user's public key by the server. The method further includes receiving the user's authentication data from the client, and determining if the user's authentication data matches the record ID. If the authentication data matches the record ID, decrypting the one-time key with the user's private key, and returning the decrypted one-time key to the client.
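The exchange the abstract describes, as an added sketch that is not taken from the patent: the server releases the decrypted one-time key only when the authentication data matches what is stored under the record ID. Assumptions: the names `AuthServer`, `run_exchange` and the record ID `rec-7f3a` are hypothetical, authentication data is stored as a salted PBKDF2 digest, the one-time key is 16 bytes, and a toy unpadded RSA key pair stands in for the user's key pair so the block runs with the standard library alone.

```python
import hashlib
import hmac
import secrets

# Toy textbook-RSA key pair from two Mersenne primes, constructed for this
# example: far too small and unpadded for real use, where RSA-OAEP from a
# vetted library would take its place.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
KEY_LEN = 16  # bytes in the one-time key (assumption)

def _digest(auth_data, salt):
    # Assumption: authentication data is stored as a salted PBKDF2 digest.
    return hashlib.pbkdf2_hmac("sha256", auth_data, salt, 100_000)

class AuthServer:
    """Keeps, per record ID, the stored auth data and the private key."""

    def __init__(self):
        self._records = {}

    def enroll(self, record_id, auth_data, private_key):
        salt = secrets.token_bytes(16)
        self._records[record_id] = (salt, _digest(auth_data, salt), private_key)

    def authenticate(self, record_id, auth_data, encrypted_key):
        record = self._records.get(record_id)
        if record is None:
            return None  # unknown record ID
        salt, stored, (n, d) = record
        if not hmac.compare_digest(stored, _digest(auth_data, salt)):
            return None  # mismatch: the private key is never used
        m = pow(encrypted_key, d, n)
        # A malformed ciphertext decrypts to something that is not a key.
        return m.to_bytes(KEY_LEN, "big") if m < 2 ** (8 * KEY_LEN) else None

def encrypt_one_time_key(key, public_key):
    n, e = public_key
    return pow(int.from_bytes(key, "big"), e, n)

def run_exchange(auth_data):
    server = AuthServer()
    server.enroll("rec-7f3a", b"constructed-credential", (N, D))
    one_time_key = secrets.token_bytes(KEY_LEN)
    blob = encrypt_one_time_key(one_time_key, (N, E))
    return one_time_key, server.authenticate("rec-7f3a", auth_data, blob)
```

The server record is keyed only by the record ID and holds no user name, which is the pseudonymity property claim 1 attaches to the record ID.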
20 Claims
7. A method of authenticating a user, the method comprising in an authentication server:
receiving a record ID for a user, and a one-use nonce which has been encrypted with a user's public key from a client;
receiving user authentication data from the client;
determining if the user authentication data matches stored data associated with the record ID; and
if the user authentication data matches the stored data, decrypting the one-use nonce with a user's private key and returning the decrypted one-use nonce to the client.
18. A server computing device comprising:
a memory, to store instructions for performing authentication; and
a processor, to execute the instructions, wherein the instructions cause the processor to;
receive a record ID for a user, and a one-use nonce which has been encrypted with a user's public key from a client;
receive user authentication data from the client;
determine if the user authentication data matches stored data associated with the record ID; and
if the user authentication data matches the stored data, decrypt the one-use nonce with a user's private key and return the decrypted one-use nonce to the client.
Specification