Two-way authentication using a combined code
First Claim
1. A method, comprising:
- receiving a combined code comprising a combined code hash of at least two sets of data from which an encoding scheme of the at least two sets of data can be determined, the at least two sets of data comprising;
a first set of data that includes a first hash of a public key associated with a certificate used to establish a secure channel with a target service, anda second set of data that includes a credential for authentication;
validating the certificate with the first set of data included in the combined code; and
responsive to successful validation of the certificate, providing the credential from the second set of data to the target service for authentication.
1 Assignment
0 Petitions
Accused Products
Abstract
An authentication process for a client and a target service to perform mutual authentication. A combined code is received that comprises a combined code hash of at least two sets of data from which an encoding scheme of the at least two sets of data can be determined. The two sets of data comprise a first set of data that includes a first hash of a public key associated with a certificate used to establish a secure channel with a target service, and a second set of data that includes a credential for authentication. The certificate can be validated with the first set of data included in the combined code. In response to a successful validation of the certificate, the credential from the second set of data can be provided to the target service for authentication.
29 Citations
20 Claims
-
1. A method, comprising:
-
receiving a combined code comprising a combined code hash of at least two sets of data from which an encoding scheme of the at least two sets of data can be determined, the at least two sets of data comprising; a first set of data that includes a first hash of a public key associated with a certificate used to establish a secure channel with a target service, and a second set of data that includes a credential for authentication; validating the certificate with the first set of data included in the combined code; and responsive to successful validation of the certificate, providing the credential from the second set of data to the target service for authentication. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method comprising:
-
communicating a combined code and a certificate to a client, the combined code containing data for the client to authenticate a server device and the certificate including information to establish a secure channel with the client, the data comprising a hash of a public key included in the certificate, the combined code including a first credential and a combined code hash of the combined code to enable the client to determine an encoding scheme of at least the hash of the public key; receiving a second credential from the client via an established secure channel; and authenticating the client by comparing the second credential with the first credential. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A method comprising:
-
receiving a combined code out-of-band that includes a first hash of a public key associated with a target service and a combined code hash of the combined code usable to determine an encoding format of the first hash of the public key; authenticating the target service using the first hash of the public key; identifying a credential in the combined code; and providing the credential to the target service for authentication. - View Dependent Claims (17, 18, 19, 20)
-
Specification