System and method providing disconnected authentication

US 8,966,276 B2
Filed: 09/10/2004
Issued: 02/24/2015
Est. Priority Date: 09/12/2003
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating at a verifier a user who possesses an authentication token capable of providing one or more one-time passcodes, comprising:

obtaining a verification record from an authentication server;

obtaining a passcode from the authentication token submitted to authenticate the user at the verifier, wherein the one-time passcodes are generated as a function of a token secret, and wherein the verifier is isolated from the token secret; and

determining whether the submitted passcode is consistent with the verification record, where the verification record is a function of a reference passcode, wherein the verifier is disconnected from the authentication server which provided the verification record.

View all claims

15 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a system for disconnected authentication, verification records corresponding to given authentication token outputs over a predetermined period of time, sequence of events, and/or set of challenges are downloaded to a verifier. The records include encrypted or hashed information for the given authentication token outputs. In one embodiment using time intervals, for each time interval, token output data, a salt value, and a pepper value, are hashed and compared with the verification record for the time interval. After a successful comparison, a user can access the computer. A PIN value can also be provided as an input the hash function. A portion of the hash function output can be used as a key to decrypt an encrypted (Windows) password, or other sensitive information.

102 Citations

View as Search Results

59 Claims

1. A method for authenticating at a verifier a user who possesses an authentication token capable of providing one or more one-time passcodes, comprising:
- obtaining a verification record from an authentication server;
  
  obtaining a passcode from the authentication token submitted to authenticate the user at the verifier, wherein the one-time passcodes are generated as a function of a token secret, and wherein the verifier is isolated from the token secret; and
  
  determining whether the submitted passcode is consistent with the verification record, where the verification record is a function of a reference passcode, wherein the verifier is disconnected from the authentication server which provided the verification record.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
- - 2. The method according to claim 1, wherein the verifier is a personal computer.
  - 3. The method according to claim 1, wherein the token secret is updated in response to an event.
  - 4. The method according to claim 1, wherein the one-time passcodes are generated as a function of a time variable.
  - 5. The method according to claim 1, wherein the one-time passcodes are generated as a function of an event variable.
  - 6. The method according to claim 1, wherein the passcodes are generated as a function of a challenge value.
  - 7. The method according to claim 1, wherein the one-time passcodes are generated as a function of a PIN.
  - 8. The method according to claim 1, wherein a function for generating the one-time passcodes comprises generating a tokencode from the token secret and combining the tokencode with the PIN.
  - 9. The method according to claim 1, wherein the one-time passcodes are generated as a function of a token secret stored at an authentication server.
  - 10. The method according to claim 9, wherein the token secret is stored in the authentication token.
  - 11. The method according to claim 1, wherein the authentication server generates at least part of the reference passcode.
  - 12. The method according to claim 1, wherein the authentication token generates at least part of the submitted passcode.
  - 13. The method according to claim 1, wherein one or more tokencodes are stored in the authentication token, and the submitted passcode is obtained as a function of one of said tokencodes.
  - 14. The method according to claim 1, wherein the verification record is obtained from an intermediary, and wherein the intermediary obtains the verification record from the authentication server.
  - 15. The method according to claim 14, wherein the intermediary is a personal computer.
  - 16. The method according to claim 14, wherein the intermediary is an application server.
  - 17. The method according to claim 1, wherein the verification record is obtained as part of a data structure comprising a plurality of verification records.
  - 18. The method according to claim 1, wherein the verification record is obtained as part of an authenticated data structure.
  - 19. The method according to claim 18, wherein the authenticated data structure is a SAML assertion.
  - 20. The method according to claim 1, wherein the verification record is stored at the verifier.
  - 21. The method according to claim 1, wherein at least part of the submitted passcode is obtained via user interaction.
  - 22. The method according to claim 1, wherein at least part of the submitted passcode is obtained via a wired and/or wireless communications link.
  - 23. The method according to claim 1, wherein consistency of the submitted passcode is determined with respect to a plurality of verification records.
  - 24. The method according to claim 1, wherein the function for generating the verification record comprises a cryptographic hash function.
  - 25. The method according to claim 24, wherein the cryptographic hash function is iterated multiple times.
  - 26. The method according to claim 24, wherein the function for generating the verification record comprises a cryptographic time-lock puzzle.
  - 27. The method according to claim 24, wherein the verification record comprises a reference hashed passcode, where the reference hashed passcode is the result of applying a one-way function to the reference passcode.
  - 28. The method according to claim 1, wherein the verification record comprises an encrypted data element, where the encrypted data element is the result of encrypting a data element with a key, and where the key is the result of applying a one-way function to the reference passcode.
  - 29. The method according to claim 28, further includingapplying the one-way function to the submitted passcode to obtain a key;
    - decrypting the encrypted data element with the key to recover the data element; and
      
      determining consistency based at least in part on whether the decryption operation is successful.
  - 30. The method according to claim 28, further includingapplying the one-way function to the submitted token code to obtain a key;
    - decrypting the encrypted data element with the key to recover the data element;
      
      using the data element; and
      
      determining consistency based at least in part on whether the usage of the data element is successful.
  - 31. The method according to claim 28, wherein the data element comprises a Windows password.
  - 32. The method according to claim 28, wherein the data element comprises at least part of a pepper value for another authentication operation.
  - 33. The method according to claim 28, wherein the data element comprises a hint value for another authentication operation.
  - 34. The method according to claim 28, wherein the data element comprises a second key.
  - 35. The method according to claim 34, further including obtaining a second encrypted data element, where the second encrypted data element is the result of encrypting a second data element with the second key.
  - 36. The method according to claim 35,wherein the second data element comprises a Windows password.
  - 37. The method according to claim 35, wherein the second data element comprises a hint value.
  - 38. The method according to claim 35, wherein the data element comprises sensitive data.
  - 39. The method according to claim 1, wherein input to the function for generating the verification record also comprises a function of a PIN value.
  - 40. The method according to claim 39, wherein the function of the PIN value contains less information than the entire PIN value, such that more than one PIN value is consistent with the verification record.
  - 41. The method according to claim 40, wherein verification records generated from incorrect PINs are also stored at the verifier.
  - 42. The method according to claim 1, wherein the input to the function for generating the verification record also comprises a salt value.
  - 43. The method according to claim 42, wherein the verification record comprises the salt value.
  - 44. The method according to claim 42, wherein part or all of the salt value is included in another verification record.
  - 45. The method according to claim 44, further including testing consistency with salt values from one or more other verification records.
  - 46. The method according to claim 1, wherein input to the function for generating the verification record also comprises a pepper value.
  - 47. The method according to claim 46, further including testing consistency for one or more possible pepper values.
  - 48. The method according to claim 1, wherein the input to the function for generating the verification record also comprises a hint value.
  - 49. The method according to claim 48, wherein the hint value is recovered from one or more other authentication operations.
  - 50. The method according to claim 1, further including encrypting the verification record to produce an encrypted verification record,obtaining a decryption key;
    - anddecrypting the encrypted verification record to recover the verification record.
  - 51. The method according to claim 50, wherein the decryption key is derived from an emergency access code.
  - 52. The method according to claim 50, wherein the decryption key is derived from a key recovered in another verification operation.
  - 53. The method according to claim 1, wherein input to the function for generating the verification record also comprises at least part of a second reference passcode.
  - 54. The method according to claim 53, further including testing consistency of the verification record with both of the reference passcode and the at least part of the second reference passcode.
  - 55. The method according to claim 1, wherein the authentication token is a software token implemented on a computer.
  - 56. The method according to claim 1, further including increasing over time an amount of work required to compute the verification record in an attack.

57. A method for disconnection authentication, comprising:
- receiving verification records from an authentication server by an authenticated computer connected to the authentication server;
  
  storing the verification records on the computer, wherein the verification records correspond to a period of time and/or an event and include information corresponding to passcodes;
  
  receiving a passcode from an authentication token submitted by a user of the computer, which is disconnected from the server, wherein the passcode is generated as a function of a token secret, and wherein the verifier is isolated from the token secret; and
  
  determining whether the submitted passcode corresponds to a given one of the verification records to authenticate the user and allow the user to use the computer.

58. A method for authenticating at a laptop computer a user who possesses an authentication token capable of providing one or more one-time passcodes, comprising:
- obtaining a verification record from an authentication server;
  
  obtaining a passcode from the authentication token submitted to authenticate the user at the laptop, wherein the passcode is generated as a function of a token secret, and wherein the laptop computer is isolated from the token secret; and
  
  determining whether the submitted passcode is consistent with the verification record, where the verification record is a function of a reference passcode, wherein the laptop computer is disconnected from the authentication server which provided the verification record, and disconnected from all network connections.

59. A method for authenticating at a verifier a user who possesses an authentication token capable of providing one or more one-time passcodes, comprising:
- obtaining a verification record from an authentication server;
  
  obtaining a passcode from the authentication token submitted to authenticate the user at the verifier; and
  
  determining whether the submitted passcode is consistent with the verification record, where the verification record is a function of a reference passcode, wherein the verifier is disconnected from the authentication server which provided the verification record.wherein determining whether the submitted passcode is consistent with the verification record includes;
  
  applying a one-way function to the submitted passcode to obtain a hashed passcode;
  
  comparing the hashed passcode to a reference hashed passcode; and
  
  determining consistency based at least in part on the whether the comparison is successful.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Nanopoulos, Andrew, Ackerman, Karl, Bowness, Piers, Duane, William, Jakobsson, Markus, Kaliski, Burt, Pal, Dmitri, Rice, Shane D., Rivest, Ronald L.
Primary Examiner(s)
Rashid, Harunur

Application Number

US10/938,422
Publication Number

US 20050166263A1
Time in Patent Office

3,819 Days
Field of Search

726/4, 726/8, 726/9, 726/10, 713/183, 713/184, 713/185
US Class Current

713/183
CPC Class Codes

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 2221/2103   Challenge-response

H04L 2209/80   Wireless network architectu...

H04L 63/0838   using one-time-passwords

H04L 63/0853   using an additional device,...

H04L 9/002   Countermeasures against att...

H04L 9/3228   One-time or temporary data,...

H04L 9/3234   involving additional secure...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3271   using challenge-response

H04L 9/50   using hash chains, e.g. blo...

System and method providing disconnected authentication

First Claim

15 Assignments

0 Petitions

Accused Products

Abstract

102 Citations

59 Claims

Specification

Use Cases

Quick Links

Others

System and method providing disconnected authentication

First Claim

15 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

102 Citations

59 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others