Secure product enablement over channels with narrow bandwidth

US 8,666,900 B1
Filed: 03/30/2005
Issued: 03/04/2014
Est. Priority Date: 03/30/2005
Status: Active Grant

First Claim

Patent Images

1. A method for enabling a product offering received by a client from a vendor, the method comprising:

in a computer system at the client;

providing to the vendor a plurality of alphanumeric strings;

computing an index to a client side table using the plurality of strings;

receiving from the vendor a validation code for the product offering; and

verifying the validation code using the validation code and the index to the client side table.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method provide an enablement scheme that accommodates small bandwidth channels and does not rely on shared secrets between parties. This is accomplished by storing a table of messages on a vendor server and a table of hashes of the message on client machines. A process is used by the vendor to select a message from the table to use for a validation code for enablement, and an identical process is used by the client to find a corresponding hash in the hash table. By comparing the hash in the hash table to a hash of the validation code received, the client can verify the validation code. The system includes software portions for enabling the method.

Citations

42 Claims

1. A method for enabling a product offering received by a client from a vendor, the method comprising:
- in a computer system at the client;
  
  providing to the vendor a plurality of alphanumeric strings;
  
  computing an index to a client side table using the plurality of strings;
  
  receiving from the vendor a validation code for the product offering; and
  
  verifying the validation code using the validation code and the index to the client side table.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the alphanumeric strings are provided to a client via a user interface associated with the product offering.
  - 3. The method of claim 1, wherein a first string of the plurality is specific to the product offering and a second string of the plurality is not controlled by the client.
  - 4. The method of claim 3, wherein the second string is a resource identification.
  - 5. The method of claim 1, wherein the client side table comprises hashes associated with a table of vendor side secrets.
  - 6. The method of claim 5, wherein the vendor side secrets are random numbers and each hash is generated from a concatenation of one of the random numbers and the index to the client side table.
  - 7. The method of claim 1, wherein computing the index further comprises executing a modulo function of a hash of a concatenation of the alphanumeric strings, wherein the number of rows in the client side table is the modulus for the modulo function.
  - 8. The method of claim 1, wherein the validation code is a portion of a selected secret from a table of vendor side secrets, the selected secret determined by the alphanumeric strings.
  - 9. The method of claim 8, wherein the selected secret is a random number selected from the table of vendor side secrets by computing an index to the table of vendor side secrets.
  - 10. The method of claim 1, wherein verifying the validation code further comprises:
    - computing a hash of a concatenation of the validation code, unknown additional digits, and the index to the client side table; and
      
      comparing the hash to a client side table hash corresponding to the index.
  - 11. The method of claim 1, wherein the client side table is provided to the client with the product offering.

12. A method for enabling a product offering received by a client from a vendor, the method comprising:
- in a computer system at the client;
  
  downloading the product offering from a vendor, the product offering including a client side table;
  
  providing to the vendor a plurality of alphanumeric strings;
  
  computing an index to the client side table using the plurality of strings;
  
  receiving from the vendor a validation code for the product offering; and
  
  verifying the validation code using the validation code and the index to the client side table.

13. A method for enabling a product offering received by a client from a vendor, the method comprising:
- in a computer system at the vendor;
  
  receiving from the client a plurality of alphanumeric strings;
  
  computing an index to a vendor side table using the plurality of alphanumeric strings, the vendor side table comprising vendor side secrets; and
  
  providing to the client a validation code for the product offering, the validation code generated from a selected vendor side secret.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The method of claim 13, wherein a first string of the plurality is specific to the product offering and a second string of the plurality is not controlled by the client.
  - 15. The method of claim 14, wherein the second string is a resource identification.
  - 16. The method of claim 13, wherein computing the index further comprises executing a modulo function of a hash of a concatenation of the alphanumeric strings, wherein the number of rows in the vendor side table is the modulus for the modulo function.
  - 17. The method of claim 13, wherein the vendor side secrets are random numbers, each of the random numbers comprising a first set of digits and a second set of digits.
  - 18. The method of claim 17, wherein the validation code is the first set of digits.
  - 19. The method of claim 17, wherein the product offering includes a client side table of hashes, each hash generated from a concatenation of one of the random numbers and the index to the client side table.
  - 20. The method of claim 13, wherein the selected vendor side secret is determined by computing an index to the vendor side table using the numerical string.

21. A computer program product for enabling a product offering received by a client from a vendor, comprising:
- a non-transitory computer-readable medium; and
  
  computer program code, coded on the medium, that, when executed by a computer system in a client, cause the computer system in the client to;
  
  display to the client a plurality of alphanumeric strings;
  
  compute an index to a client side table using the plurality of strings;
  
  receive client input comprising a validation code for the product offering; and
  
  verify the validation code using the validation code and the index to the client side table.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29)
- - 22. The computer program product of claim 21, wherein a first string of the plurality is specific to the product offering and a second string of the plurality is not controlled by the client.
  - 23. The computer program product of claim 21, wherein the client side table comprises hashes associated with a table of vendor side secrets.
  - 24. The computer program product of claim 23, wherein the vendor side secrets are random numbers and each hash is generated from a concatenation of one of the random numbers and the index to the client side table.
  - 25. The computer program product of claim 21, wherein computing the index further comprises executing a modulo function of a hash of a concatenation of the alphanumeric strings, wherein the number of rows in the client side table is the modulus for the modulo function.
  - 26. The computer program product of claim 21, wherein the validation code is a portion of a selected secret from a table of vendor side secrets, the selected secret determined by the alphanumeric strings.
  - 27. The computer program product of claim 26, wherein the selected secret is a random number selected from the table of vendor side secrets by computing an index to the table of vendor side secrets.
  - 28. The computer program product of claim 21, wherein verifying the validation code further comprises:
    - computing a hash of a concatenation of the validation code, unknown additional digits, and the index to the client side table; and
      
      comparing the hash to a client side table hash corresponding to the index.
  - 29. The computer program product of claim 21, wherein the client side table is provided to the client with the product offering.

30. A system for enabling a product offering received by a client from a vendor, the system comprising:
- a computer system at the client configured to;
  
  display to the client a plurality of alphanumeric strings;
  
  compute an index to a client side table using the plurality of strings;
  
  receive client input comprising a validation code for the product offering; and
  
  verify the validation code using the validation code and the index to the client side table.
- View Dependent Claims (31, 32, 33, 34, 35, 36)
- - 31. The system of claim 30, wherein the computer system at the client is further configured to maintain a client side table.
  - 32. The system of claim 31, wherein the client side table is comprised of hashes associated with a table of vendor side secrets.
  - 33. The system of claim 32, wherein the vendor side secrets are random numbers and each hash is generated from a concatenation of one of the random numbers and the index to the client side table.
  - 34. The system of claim 30, wherein, when computing the index, the computer system at the client is configured to:
    - execute a modulo function of a hash of a concatenation of the alphanumeric strings, wherein the number of rows in the client side table is the modulus for the modulo function.
  - 35. The system of claim 30, wherein, when verifying the validation code, the computer system at the client is configured to:
    - compute a hash of a concatenation of the validation code, unknown additional digits, and the index to the client side table; and
      
      compare the hash to a client side table hash corresponding to the index.
  - 36. The system of claim 35, wherein the client side table is provided to the client with the product offering.

37. A system for enabling a product offering received by a client from a vendor, the system comprising:
- a computer system at the client configured to;
  
  download the product offering from a vendor, the product offering including a client side table;
  
  display to the client a plurality of alphanumeric strings;
  
  compute an index to the client side table using the plurality of strings;
  
  receive client input comprising a validation code for the product offering; and
  
  verify the validation code using the validation code and the index to the client side table.

38. A system for enabling a product offering received by a client from a vendor, the system comprising:
- a computer system at the vendor configured to;
  
  receive user input comprising a plurality of alphanumeric strings;
  
  compute an index to a vendor side table using the plurality of alphanumeric strings, the vendor side table comprising vendor side secrets; and
  
  display to a user a validation code for the product offering, the validation code generated from a selected vendor side secret.

39. The system of 38, wherein the computer system at the vendor is further configured to:
- create the vendor side table and a client side table of hashes.

40. The system of 39, wherein the hashes are associated with the vendor side table.

41. The system of 38, wherein the computer system at the vendor is further configured to:
- generate a validation code.

42. The system of 41, wherein the vendor side secrets are random numbers, each of the random numbers comprising a first set of digits and a second set of digits, and the validation code is the first set of digits.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intuit, Inc.
Original Assignee
Intuit, Inc.
Inventors
Chan, Kwei, Junestam, John Erik Andreas
Primary Examiner(s)
Nigh, James D

Application Number

US11/095,046
Time in Patent Office

3,261 Days
Field of Search

705 26- 27, 705 50- 59, 705/76, 709/200, 709/224, 709/229, 713/156, 713/167, 707/1, 707/201, 717174-178
US Class Current

705/59
CPC Class Codes

G06Q 30/018 Certifying business or prod...

Secure product enablement over channels with narrow bandwidth

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Secure product enablement over channels with narrow bandwidth

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links