Method for authorising a connection between a computer terminal and a source server

US 8,856,900 B2
Filed: 04/15/2010
Issued: 10/07/2014
Est. Priority Date: 04/16/2009
Status: Active Grant

First Claim

Patent Images

1. A method for authorising a connection between a computer terminal of a user and a source server, the method comprising:

(a) sending a password from the terminal to the source server;

(b) checking the password with the source server to authorize the connection with the terminal;

(c) in an initialization phase;

(i) connecting the terminal to a gateway server placed between the terminal and the source server by sending from the terminal to the gateway server an initialization request comprising a non-random identifier;

(ii) generating on the gateway server a secret key that is specific to the user and that comprises a random number and sending the secret key from the gateway server to the terminal;

(iii) as soon as the terminal receives the secret key, using the terminal to hide the password in a unique multimedia file by applying a steganographic encryption algorithm bootstrapped by the secret key;

(iv) as soon as the steganographic encryption algorithm is executed, deleting the secret key from the terminal; and

(v) once the password is hidden in the unique multimedia file, deleting the password from the terminal and keeping only the unique multimedia file containing the password in the terminal;

(d) in a connection phase;

(i) sending the unique multimedia file containing the hidden password from the terminal to the gateway server;

(ii) extracting the password from the unique multimedia file, on the gateway server, by executing a reverse encryption algorithm bootstrapped by the secret key, and sending the password from the gateway server to the source server;

(iii) immediately deleting the password from the gateway server as soon as the password is sent from the gateway server towards the source server; and

(iv) using the source server to analyze the received password and authorize the connection with the terminal in response to the password being authenticated.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosure relates to a method and a system for authorising a connection between a computer terminal and a source server, including an initialization phase wherein:

- the terminal connects to a gateway server,
- the gateway server sends a secret key to the terminal,
- the terminal hides the password in a data file by applying an encryption algorithm bootstrapped by the secret key, then deletes the secret key and the password,
  and a connection phase wherein:
- the terminal sends the data file containing the password to the gateway server,
- the gateway server extracts the files password by executing a reverse encryption algorithm bootstrapped by the secret key, and sends the password to the source server without saving it,
- the source server analysis the received password and authorizes the connection with the terminal if the password is authenticated.

Citations

8 Claims

1. A method for authorising a connection between a computer terminal of a user and a source server, the method comprising:
- (a) sending a password from the terminal to the source server;
  
  (b) checking the password with the source server to authorize the connection with the terminal;
  
  (c) in an initialization phase;
  
  (i) connecting the terminal to a gateway server placed between the terminal and the source server by sending from the terminal to the gateway server an initialization request comprising a non-random identifier;
  
  (ii) generating on the gateway server a secret key that is specific to the user and that comprises a random number and sending the secret key from the gateway server to the terminal;
  
  (iii) as soon as the terminal receives the secret key, using the terminal to hide the password in a unique multimedia file by applying a steganographic encryption algorithm bootstrapped by the secret key;
  
  (iv) as soon as the steganographic encryption algorithm is executed, deleting the secret key from the terminal; and
  
  (v) once the password is hidden in the unique multimedia file, deleting the password from the terminal and keeping only the unique multimedia file containing the password in the terminal;
  
  (d) in a connection phase;
  
  (i) sending the unique multimedia file containing the hidden password from the terminal to the gateway server;
  
  (ii) extracting the password from the unique multimedia file, on the gateway server, by executing a reverse encryption algorithm bootstrapped by the secret key, and sending the password from the gateway server to the source server;
  
  (iii) immediately deleting the password from the gateway server as soon as the password is sent from the gateway server towards the source server; and
  
  (iv) using the source server to analyze the received password and authorize the connection with the terminal in response to the password being authenticated.
- View Dependent Claims (2)
- - 2. A method according to claim 1, wherein during the initialization phase:
    - the gateway server first sends a secondary secret key to the terminal;
      
      the gateway server encrypts the secret key by using an encryption algorithm bootstrapped by the secondary secret key, and then sends the encrypted secret key to the terminal; and
      
      the terminal extracts the secret key by executing a reverse encryption algorithm bootstrapped by the secondary secret key.

3. A method for authorising a connection between a computer terminal of a user and a source server, the method comprising:
- (a) the terminal sending a password to the source server;
  
  (b) the source server checking the password to authorize the connection with the terminal;
  
  (c) in an initialization phase;
  
  (i) the terminal connecting to the source server by sending from a terminal to the source server an initialization request comprising a non-random identifier;
  
  (ii) the source server generating a secret key that is specific to the user and that comprises a random number and sending the secret key to the terminal;
  
  (iii) the terminal, as soon as the secret key is received, hiding the password in a unique multimedia file by applying a steganographic encryption algorithm bootstrapped by the secret key;
  
  (iv) as soon as the steganographic encryption algorithm is executed, deleting the secret key from the terminal; and
  
  (v) once the password is hidden in the unique multimedia file, deleting the password from the terminal and keeping only the unique multimedia file containing the password in the terminal;
  
  (d) in a connection phase;
  
  (i) the terminal sending the unique multimedia file containing the password to the source server; and
  
  (ii) the source server extracting the password from the unique multimedia file by executing a reverse encryption algorithm bootstrapped by the secret key, analyzing the password, and authorizing connection with the terminal in response to the password being authenticated.
- View Dependent Claims (4)
- - 4. A method according to claim 3, wherein during the initialization phase:
    - the source server first sends a secondary secret key to the terminal;
      
      the source server encrypts the secret key by using an encryption algorithm bootstrapped by the secondary secret key and then sends the encrypted secret key to the terminal; and
      
      the terminal extracts the secret key by executing a reverse encryption algorithm bootstrapped by the secondary secret key.

5. A system for authorising a connection between a computer terminal of a user and a source server, the system comprising:
- the terminal comprising a processor configured to execute first instructions from a non-transitory computer-readable medium, the first instructions comprising a resource for sending a password to the source server;
  
  the source server comprising a processor configured to execute second instructions from a non-transitory computer-readable medium, the second instructions comprising a resource for checking the password to authorize the connection with the terminal;
  
  in an initialization phase;
  
  (a) the terminal further comprising a resource for connecting to a gateway server placed between the terminal and the source server by sending from the terminal to the gateway server an initialization request comprising a non-random identifier;
  
  (b) the gateway server further comprising a resource for generating on the gateway server a secret key that is specific to the user and that comprises a random number and sending the secret key to the terminal;
  
  (c) the terminal further comprising a resource for hiding the password in a unique multimedia file as soon as the terminal receives the secret key, by applying a steganographic encryption algorithm bootstrapped by the secret key, and a resource for deleting the secret key as soon as the steganographic encryption algorithm is executed and deleting the password once the password is hidden in the unique multimedia file and keeping only the unique multimedia file containing the password;
  
  in a connection phase;
  
  (a) the terminal further comprising a resource for sending the unique multimedia file containing the password to the gateway server;
  
  (b) the gateway server further comprising a resource for extracting the password from the unique multimedia file by executing a reverse encryption algorithm bootstrapped by the secret key, a resource for sending the password to the source server, and a resource for immediately deleting the password from the gateway server as soon as the password is sent from the gateway server towards the source server; and
  
  (c) the source server further comprising a resource for analysing the received password and authorising the connection with the terminal in response to the password being authenticated.

6. A system for authorising a connection between a computer terminal of a user and a source server, the system comprising:
- the terminal comprising a processor configured to execute first instructions from a non-transitory computer-readable medium, wherein the first instructions result in the terminal operably sending a password to the source server;
  
  the source server comprising a processor configured to execute second instructions from a non-transitory computer-readable medium, wherein the second instructions result in the source server operably checking the password to authorize the connection with the terminal;
  
  in an initialization phase;
  
  (a) the terminal operably connecting to the source server by sending from the terminal to the source server an initialization request comprising a non-random identifier;
  
  (b) the source server operably generating a secret key that is specific to the user and that comprises a random number and sending the secret key to the terminal;
  
  (c) the terminal operably hiding the password in a unique multimedia file, as soon as the secret key is received, by applying a steganographic encryption algorithm bootstrapped by the secret key, and the terminal operably deleting the secret key as soon as the steganographic encryption algorithm is executed and deleting the password once the password is hidden in the unique multimedia file and keeping only the unique multimedia file containing the password;
  
  in a connection phase;
  
  (a) the terminal operably sending the unique multimedia file containing the password to the source server; and
  
  (b) the source server operably extracting the password from the unique multimedia file by executing a reverse encryption algorithm bootstrapped by the secret key, the source server operably analysing the password and authorising connection with the terminal in response to the password being authenticated.
- View Dependent Claims (7, 8)
- - 7. A system according to claim 6, wherein the terminal is a mobile telephone.
  - 8. A system according to claim 6, wherein the source server is an instant messaging community server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Synchronoss Technologies France
Original Assignee
Synchronoss Technologies France
Inventors
Colon, Franois
Primary Examiner(s)
Desrosiers, Evans
Assistant Examiner(s)
POTRATZ, DANIEL B

Application Number

US12/760,811
Publication Number

US 20110016512A1
Time in Patent Office

1,636 Days
Field of Search

380/100, 380/284, 713/2, 713/153, 713/168, 713/179, 713/184, 713/185, 713/176, 726/5, 726/11, 726/12, 726/7, 382/100
US Class Current

726/7
CPC Class Codes

G06T 1/0021   Image watermarking

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 2209/80   Wireless

H04L 63/0281   Proxies

H04L 63/083   using passwords cryptograph...

H04L 9/0861   Generation of secret inform...

H04L 9/3226   using a predetermined code,...

H04L 9/3228   One-time or temporary data,...

H04N 1/32272   Encryption or ciphering

Method for authorising a connection between a computer terminal and a source server

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Method for authorising a connection between a computer terminal and a source server

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links