Secure authentication using hardware token and computer fingerprint
Abstract
A method and apparatus for secure authentication of a hardware token is disclosed. In one embodiment, a host computer fingerprint is used to generate a partial seed for a challenge-response authentication which is performed on the hardware token. In another embodiment, the host computer fingerprint is used as a personal identification number for the hardware token.
33 Claims
1. A method of authenticating a hardware token, comprising the steps of:
- providing a hardware token different from and connectable to a host computer;
- generating in the host computer a host computer fingerprint F based at least in part on a unique characteristic of the host;
- transmitting the host computer fingerprint F to an authorizing device different from the host computer and the hardware token;
- establishing a secure communication mechanism between the hardware token and the authorizing device;
- thereafter generating a random value R in the authorizing device and providing the random value R to the host computer;
- computing in the host computer a challenge R′ derived at least in part from the host computer fingerprint F and the random value R;
- transmitting the challenge R′ to the hardware token;
- generating a response X in the hardware token, the response X generated at least in part from the challenge R′; and
- transmitting the response X from the hardware token to the authorizing device to authenticate the hardware token for operation with the host.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. An apparatus for authenticating a hardware token, comprising:
- a hardware token different from and connectable to a host computer;
- said host computer generating a host computer fingerprint F based at least in part on a unique characteristic of the host;
- means for transmitting the host computer fingerprint F to an authorizing device different from the host computer and the hardware token;
- the host computer receiving a random value R generated by the authorizing device;
- the host computer computing a challenge R′, the challenge R′ derived at least in part from the host computer fingerprint F and the random value R;
- means for transmitting the challenge R′ to the hardware token;
- the hardware token generating a response X, the response X generated at least in part from the challenge R′; and
- means for securely transmitting the response X from the hardware token to the authorizing device.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
23. A computer for authenticating a hardware token different from and connectable to the computer, the computer having a processor communicatively coupled to a memory storing instructions for performing steps of:
- generating a host computer fingerprint F based at least in part on a unique characteristic of the host;
- transmitting the host computer fingerprint F to an authorizing device different from the computer and the hardware token;
- thereafter receiving a random value R from the authorizing device;
- computing a challenge R′, the challenge R′ derived at least in part from the host computer fingerprint F and the random value R;
- transmitting the challenge R′ to the hardware token;
- receiving a cryptographically secured response X from the hardware token, the cryptographically secured response X generated at least in part from the challenge R′; and
- transmitting the cryptographically secured response X to the authorizing device.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33
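The exchange recited in the independent claims, with host, token and authorizing device as separate parties, as an added Python example that is not taken from the patent. The SHA-256 derivations of F and R′, the HMAC response, the pre-shared token key standing in for the secure communication mechanism, and all class and function names are assumptions; the claims do not specify them.

```python
import hashlib
import hmac
import secrets

def fingerprint(host_characteristic: bytes) -> bytes:
    # Host: F from a unique characteristic of the host (SHA-256 is an assumption).
    return hashlib.sha256(host_characteristic).digest()

def derive_challenge(F: bytes, R: bytes) -> bytes:
    # Host: R' from F and R (hash of F || R is an assumption; both are 32 bytes).
    return hashlib.sha256(F + R).digest()

class Token:
    def __init__(self, key: bytes):
        self._key = key  # assumed secret shared with the authorizing device

    def respond(self, r_prime: bytes) -> bytes:
        # Token: X from R' (HMAC-SHA-256 is an assumption).
        return hmac.new(self._key, r_prime, hashlib.sha256).digest()

class AuthorizingDevice:
    def __init__(self, key: bytes):
        self._key = key
        self._F = None  # fingerprint registered by the host
        self._R = None  # outstanding random value, if any

    def register_fingerprint(self, F: bytes) -> None:
        self._F = F

    def new_random(self) -> bytes:
        self._R = secrets.token_bytes(32)
        return self._R

    def verify(self, X: bytes) -> bool:
        if self._F is None or self._R is None:
            return False
        R, self._R = self._R, None  # each R is accepted once, so a replayed X fails
        r_prime = derive_challenge(self._F, R)
        expected = hmac.new(self._key, r_prime, hashlib.sha256).digest()
        return hmac.compare_digest(expected, X)

def authenticate(auth: AuthorizingDevice, token: Token, host_characteristic: bytes) -> bool:
    R = auth.new_random()                                            # authorizing device -> host
    r_prime = derive_challenge(fingerprint(host_characteristic), R)  # computed on the host
    X = token.respond(r_prime)                                       # host -> token, token computes X
    return auth.verify(X)                                            # token -> authorizing device
```

Because the authorizing device recomputes R′ from the fingerprint it was sent earlier, a valid token attached to a host with a different fingerprint produces a response that does not verify.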
Specification