Keyed pseudo-random number generator
Abstract
A method and apparatus for client authentication using a pseudo-random number generation system. The pseudo-random number generation utilizes a secret key as well as state information as input into the hash function to generate a pseudo-random number. The state information that is part of the input can be any number of prior generated pseudo-random numbers. The authentication allows for synchronization of the client and server by exchanging state information. The authentication is not dependent on any absolute time and consequently the client and servers are not required to maintain a reliable shared time base.
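The exchange described in the abstract and in claim 1, as an added Python example that is not taken from the patent: a device and a server each derive the next value from the two previous ones under a shared key, and a failed comparison leads to a state synchronization. The names KeyedPRNG, Server, demo and TRUNC_BYTES, the 8-byte output width, the seed values and the use of HMAC-SHA256 as the keyed step are all assumptions made for this sketch.

```python
import hashlib
import hmac

TRUNC_BYTES = 8  # assumed output width; the page gives no size


class KeyedPRNG:
    def __init__(self, key: bytes, first: bytes, second: bytes):
        self.key = key
        self.state = (first, second)  # the two most recent outputs

    def next_value(self) -> bytes:
        first, second = self.state
        # Assumption: HMAC-SHA256 stands in for the keyed "encrypting" step.
        output = hmac.new(self.key, first + second, hashlib.sha256).digest()
        third = output[:TRUNC_BYTES]  # truncate the output value
        self.state = (second, third)  # slide the state window forward
        return third


class Server:
    def __init__(self, key: bytes, first: bytes, second: bytes):
        self.prng = KeyedPRNG(key, first, second)

    def authenticate(self, device_value: bytes) -> str:
        saved = self.prng.state
        expected = self.prng.next_value()
        if hmac.compare_digest(expected, device_value):  # constant-time compare
            return "accepted"
        self.prng.state = saved  # a failed attempt must not advance the server
        return "sync-requested"

    def synchronize(self, device_state) -> None:
        # Adopts the device's state data. Protecting that state in transit and
        # against rollback is not described on the page and is not modelled.
        self.prng.state = tuple(device_state)


def demo() -> list:
    key = b"constructed-demo-key"  # constructed sample values
    seed = (b"\x00" * TRUNC_BYTES, b"\x01" * TRUNC_BYTES)
    device, server = KeyedPRNG(key, *seed), Server(key, *seed)
    results = [server.authenticate(device.next_value())]  # in step
    device.next_value()  # this value never reaches the server
    results.append(server.authenticate(device.next_value()))  # out of step
    server.synchronize(device.state)
    results.append(server.authenticate(device.next_value()))  # back in step
    return results
```

No clock appears anywhere in the sketch: agreement depends only on both sides holding the same key and the same two prior values, which matches the abstract's point about not needing a shared time base.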
14 Claims
1. A computer-implemented method comprising:
- retrieving state data comprising at least a first pseudo-random value and a second pseudo-random value, wherein each of the first pseudo-random value and second pseudo-random value are generated by encrypting and truncating other pseudo-random values;
- encrypting, by a processing device, a combination of at least the first pseudo-random value and the second pseudo-random value using a key to produce an output value;
- truncating the output value to generate a third pseudo-random value;
- comparing the third pseudo-random value with another pseudo-random value generated by a device requesting authentication; and
- requesting synchronization of state data from the device requesting authentication, in response to a failed comparison of the third pseudo-random value and the pseudo-random value generated by the device.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A non-transitory computer readable storage medium, having instructions stored therein, which when executed, cause a processing device to perform a set of operations comprising:
- retrieving state data comprising at least a first pseudo-random value and a second pseudo-random value, wherein each of the first pseudo-random value and second pseudo-random value are generated by encrypting and truncating other pseudo-random values;
- encrypting, by a processing device, a combination of at least the first pseudo-random value and the second pseudo-random value using a key to produce an output value;
- truncating the output value to generate a third pseudo-random value;
- comparing the third pseudo-random value with another pseudo-random value generated by a device requesting authentication; and
- requesting synchronization of state data from the device requesting authentication, in response to a failed comparison of the third pseudo-random value and the pseudo-random value generated by the device.
Dependent claims: 9, 10, 11, 12, 13
14. A system comprising:
- a memory;
- a processing device coupled to the memory;
- an encryption module executable from the memory by the processing device;
- a pseudo-random number generator module executable from the memory by the processing device and coupled to the encryption module, the pseudo-random number generator module to generate a third pseudo-random number by calling the encryption module to encrypt a combination of at least a first prior pseudo-random output value and a second prior pseudo-random output value, wherein the first prior pseudo-random output value and the second prior pseudo-random output value are generated by encrypting and truncating other pseudo-random values;
- a state data tracker module executed from the memory by the processing device and coupled to the pseudo-random number generator module, the state data tracker module to maintain a time value and values of the at least first prior pseudo-random output value and second prior pseudo-random output value; and
- a synchronization module executed from the memory by the processing device and coupled to the pseudo-random number generator module to synchronize the state data with state data of another computer.
Specification