One-time password authentication employing local testing of candidate passwords from one-time password server

US 8,412,928 B1
Filed: 03/31/2010
Issued: 04/02/2013
Est. Priority Date: 03/31/2010
Status: Active Grant

First Claim

Patent Images

1. A method by which a one-time password (OTP) server provides a one-time password service to an authentication server coupled to the OTP server by a communications channel, the method comprising the steps, performed by a processor of the OTP server, of:

maintaining, in a memory of the OTP server, a set of associations between a plurality of users and corresponding user-specific secret data used in a one-time-password (OTP) process to generate OTPs for use in authenticating the users;

receiving an authentication request from the authentication server via the communications channel, the authentication request identifying one of the users, the authentication server having separately received a first hashed OTP value resulting from application of a hash function to a user-generated OTP for authenticating the identified user;

in response to receiving the authentication request, executing the OTP process using the secret data for the identified user to generate a set of candidate OTPs, any one of the candidate OTPs being expected to match the user-generated OTP for a valid authentication of the identified user;

generating and returning a response to the authentication server via the communications channel, the response including second hashed OTP values each generated by applying the hash function to a respective candidate OTP;

subsequent to returning the response to the authentication server, receiving an informational message from the authentication server (a) indicating whether any of the second hashed OTP values has matched the first hashed OTP value, and (b) identifying which one, if any, of the second hashed OTP values has matched the first hashed OTP value; and

conditionally taking further user-specific action based on the indication in the informational message whether any of the second hashed OTP values has matched the first hashed OTP value,wherein the further user-specific action includes (a) maintaining a count of recent occurrences of OTP requests for the user for which the informational message from the authentication server indicates that none of the second hashed OTP values has matched a hashed OTP value for the user, and (b) taking a count-based action based on whether the count of recent occurrences is greater than a predetermined threshold.

View all claims

18 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing system has a local computing domain coupled to a one-time password (OTP) server. The OTP server maintains user-specific secret data used in a one-time-password (OTP) process to generate OTPs for user authentication. An authentication server in the computing domain sends an OTP request identifying a user to the OTP server. The OTP server executes the OTP process to generate a set of candidate OTPs, any one of which is expected to match a user-generated OTP for a valid authentication. The OTP server returns a response to the authentication server which includes second hashed OTP values, each generated by applying a hash function to a respective candidate OTP. The authentication server performs a comparison function between a first hashed OTP value from the user and the second hashed OTP values. Only upon determining that the first hashed OTP value matches one of the second hashed OTP values, the authentication server performs a protected function in the computing domain that is permitted only upon authentication of the user. Applications include authentication in a ticket-based authentication scheme such as a Kerberos system, in which the protected function may be the granting of a ticket-granting ticket enabling the user to engage service servers in the computing domain.

67 Citations

View as Search Results

18 Claims

1. A method by which a one-time password (OTP) server provides a one-time password service to an authentication server coupled to the OTP server by a communications channel, the method comprising the steps, performed by a processor of the OTP server, of:
- maintaining, in a memory of the OTP server, a set of associations between a plurality of users and corresponding user-specific secret data used in a one-time-password (OTP) process to generate OTPs for use in authenticating the users;
  
  receiving an authentication request from the authentication server via the communications channel, the authentication request identifying one of the users, the authentication server having separately received a first hashed OTP value resulting from application of a hash function to a user-generated OTP for authenticating the identified user;
  
  in response to receiving the authentication request, executing the OTP process using the secret data for the identified user to generate a set of candidate OTPs, any one of the candidate OTPs being expected to match the user-generated OTP for a valid authentication of the identified user;
  
  generating and returning a response to the authentication server via the communications channel, the response including second hashed OTP values each generated by applying the hash function to a respective candidate OTP;
  
  subsequent to returning the response to the authentication server, receiving an informational message from the authentication server (a) indicating whether any of the second hashed OTP values has matched the first hashed OTP value, and (b) identifying which one, if any, of the second hashed OTP values has matched the first hashed OTP value; and
  
  conditionally taking further user-specific action based on the indication in the informational message whether any of the second hashed OTP values has matched the first hashed OTP value,wherein the further user-specific action includes (a) maintaining a count of recent occurrences of OTP requests for the user for which the informational message from the authentication server indicates that none of the second hashed OTP values has matched a hashed OTP value for the user, and (b) taking a count-based action based on whether the count of recent occurrences is greater than a predetermined threshold.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method according to claim 1, wherein:
    - the OTP process incorporates time-based dynamic values that are synchronized between the OTP server and a device used to generate the user-generated OTP to within a time window; and
      
      the OTP process is performed multiple times for a device-specific secret value of the secret data, each iteration of the OTP process utilizing a respective different one of a set of dynamic values for a plurality of time intervals in the time window and generating a corresponding one of the second hashed OTP values.
  - 3. A method according to claim 2, wherein:
    - the informational message from the authentication server identifies one of the second hashed OTP values as having matched the first hashed OTP value; and
      
      the further user-specific action includes matching-based action based on which of the second hashed OTP values is identified in the informational message.
  - 4. A method according to claim 3, wherein the matching-based action includes making a time adjustment to the dynamic values used in subsequent performance of the OTP process for the user based on the time interval corresponding to the identified second hashed OTP value.
  - 5. A method according to claim 3, wherein the matching-based action includes:
    - in the case that the identified second hashed OTP value is for a marginal time interval at an outer extreme of the time window, then (a) re-executing the OTP process with a next-succeeding dynamic value to obtain a next OTP, (b) generating a hashed next OTP value by hashing the next OTP, and (c) returning the hashed next OTP value to the authentication server for use in a next-code challenge to be made to the user.
  - 6. A method according to claim 1, wherein the count-based action includes setting an indicator that future OTP requests for the user are to be denied.
  - 7. A method according to claim 1, wherein the set of associations include, for each of certain ones of the users, associations of secret data to a plurality of corresponding devices used by each such one of the users to generate user-generated OTPs, and wherein the OTP process is performed once for each of a plurality of device-specific secret values for corresponding devices of the identified user, each iteration of the OTP process generating a corresponding one of the second hashed OTP values.
  - 8. A method according to claim 1, wherein (a) the hash function is one of a plurality of distinct hash functions usable to create the second hashed candidate values, (b) the OTP request identifies a particular one of the hash functions to be used to generate the second hashed OTP values, and (c) the OTP server is operative to select and use the particular one of the hash functions based on its identification in the OTP request.
  - 9. A method according to claim 1, wherein the set of candidate OTPs is a set of first-code OTPs, and further comprising executing the OTP process using the secret data for the identified user to generate a set of next-code candidate OTPs, any one of the next-code candidate OTPs being expected to match a next succeeding user-generated OTP in a next-code challenge to the identified user;
    - andthe response to the authentication server includes third hashed OTP values each generated by applying the hash function to a respective next-code candidate OTP for use by the authentication server in the next-code challenge.

10. A computerized device operable as a one-time password (OTP) server, comprising:
- non-transitory memory operative to store computer instructions; and
  
  a processor coupled to the memory operative to execute the computer instructions to cause the computerized device to perform a method by which the computerized device provides a one-time password service to an authentication server coupled to the OTP server by a communications channel, the method comprising;
  
  maintaining, in the memory, a set of associations between a plurality of users and corresponding user-specific secret data used in a one-time-password (OTP) process to generate OTPs for use in authenticating the users;
  
  receiving an authentication request from the authentication server via the communications channel, the authentication request identifying one of the users, the authentication server having separately received a first hashed OTP value resulting from application of a hash function to a user-generated OTP for authenticating the identified user;
  
  in response to receiving the authentication request, executing the OTP process using the secret data for the identified user to generate a set of candidate OTPs, any one of the candidate OTPs being expected to match the user-generated OTP for a valid authentication of the identified user;
  
  generating and returning a response to the authentication server via the communications channel, the response including second hashed OTP values each generated by applying the hash function to a respective candidate OTP;
  
  subsequent to returning the response to the authentication server, receiving an informational message from the authentication server (a) indicating whether any of the second hashed OTP values has matched the first hashed OTP value, and (b) identifying which one, if any, of the second hashed OTP values has matched the first hashed OTP value; and
  
  conditionally taking further user-specific action based on the indication in the informational message whether any of the second hashed OTP values has matched the first hashed OTP value,wherein the user-specific action includes (a) maintaining a count of recent occurrences of OTP requests for the user for which the informational message from the authentication server indicates that none of the second hashed OTP values has matched a hashed OTP value for the user, and (b) taking count-based action based on whether the count of recent occurrences is greater than a predetermined threshold.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. A computerized device according to claim 10, wherein:
    - the OTP process incorporates time-based dynamic values that are synchronized between the OTP server and a device used to generate the user-generated OTP to within a time window; and
      
      the OTP process is performed multiple times for a device-specific secret value of the secret data, each iteration of the OTP process utilizing a respective different one of a set of dynamic values for a plurality of time intervals in the time window and generating a corresponding one of the second hashed OTP values.
  - 12. A computerized device according to claim 11, wherein:
    - the informational message from the authentication server identifies one of the second hashed OTP values as having matched the first hashed OTP value; and
      
      the further user-specific action includes matching-based action based on which of the second hashed OTP values is identified in the informational message.
  - 13. A computerized device according to claim 12, wherein the matching-based action includes making a time adjustment to the dynamic values used in subsequent performance of the OTP process for the user based on the time interval corresponding to the identified second hashed OTP value.
  - 14. A computerized device according to claim 12, wherein the matching-based action includes:
    - in the case that the identified second hashed OTP value is for a marginal time interval at an outer extreme of the time window, then (a) re-executing the OTP process with a next-succeeding dynamic value to obtain a next OTP, (b) generating a hashed next OTP value by hashing the next OTP, and (c) returning the hashed next OTP value to the authentication server for use in a next-code challenge to be made to the user.
  - 15. A computerized device according to claim 10, wherein the count-based action includes setting an indicator that future OTP requests for the user are to be denied.
  - 16. A computerized device according to claim 10, wherein the set of associations include, for each of certain ones of the users, associations of secret data to a plurality of corresponding devices used by each such one of the users to generate user-generated OTPs, and wherein the OTP process is performed once for each of a plurality of device-specific secret values for corresponding devices of the identified user, each iteration of the OTP process generating a corresponding one of the second hashed OTP values.
  - 17. A computerized device according to claim 10, wherein (a) the hash function is one of a plurality of distinct hash functions usable to create the second hashed candidate values, (b) the OTP request identifies a particular one of the hash functions to be used to generate the second hashed OTP values, and (c) the OTP server is operative to select and use the particular one of the hash functions based on its identification in the OTP request.
  - 18. A computerized device according to claim 10, wherein the set of candidate OTPs is a set of first-code OTPs, and further comprising executing the OTP process using the secret data for the identified user to generate a set of next-code candidate OTPs, any one of the next-code candidate OTPs being expected to match a next succeeding user-generated OTP in a next-code challenge to the identified user;
    - andthe response to the authentication server includes third hashed OTP values each generated by applying the hash function to a respective next-code candidate OTP for use by the authentication server in the next-code challenge.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RSA Security LLC (Symphony Technology Group LLC)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Bowness, Piers
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
CORUM JR, WILLIAM A

Application Number

US12/750,758
Time in Patent Office

1,098 Days
Field of Search

713/155
US Class Current

713/155
CPC Class Codes

H04L 63/0838 using one-time-passwords

One-time password authentication employing local testing of candidate passwords from one-time password server

First Claim

18 Assignments

0 Petitions

Accused Products

Abstract

67 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

One-time password authentication employing local testing of candidate passwords from one-time password server

First Claim

18 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links