
Key derivation techniques

  • US 9,197,409 B2
  • Filed: 09/29/2011
  • Issued: 11/24/2015
  • Est. Priority Date: 09/29/2011
  • Status: Active Grant
First Claim

1. A computer-implemented method of authentication for providing access to one or more computing resources of a computing resource provider, the one or more computing resources of the computing resource provider being part of a logical grouping of computing resources in a key zone of a plurality of key zones, the method comprising:

  • under the control of one or more computer systems configured with executable instructions, receiving, by the one or more computer systems, a message and a signature of the message from an authenticating party;

    generating, by the one or more computer systems and based at least in part on the received message, an expected signature by at least invoking a hash-based message authentication code function multiple times such that:

    at least one invocation of the hash-based message authentication code function involves an input to the hash-based message authentication code function that is based at least in part on a secret credential shared with the authenticating party, the secret credential being received from a central key authority and corresponding to the key zone; and

    at least another invocation of the hash-based message authentication code function involves a result from a previous invocation of the hash-based message authentication code function as an input to the hash-based message authentication code function;

    determining, by the one or more computer systems, whether the received signature matches the expected signature; and

    taking, by the one or more computer systems, when determined that the received signature matches the expected signature, one or more actions for which authentication of the received message is required.
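
The verification flow in this claim can be sketched as follows. This is an added example, not code from the patent or its assignee; the choice of HMAC-SHA256, the derivation labels, the key-zone secrets and the message are all constructed assumptions.

```python
import hashlib
import hmac


def hmac_sha256(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def derive_signing_key(zone_credential: bytes, labels: list[bytes]) -> bytes:
    # The first invocation is keyed by the secret credential for the key zone;
    # each later invocation is keyed by the result of the previous one.
    if not labels:
        raise ValueError("at least one derivation label is required")
    key = zone_credential
    for label in labels:
        key = hmac_sha256(key, label)
    return key


def expected_signature(zone_credential: bytes, labels: list[bytes], message: bytes) -> bytes:
    # Final invocation: sign the received message with the derived key.
    return hmac_sha256(derive_signing_key(zone_credential, labels), message)


def authenticate(zone_credential: bytes, labels: list[bytes],
                 message: bytes, received_signature: bytes) -> bool:
    expected = expected_signature(zone_credential, labels, message)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(expected, received_signature)


# Constructed sample values (assumptions, not taken from the patent).
ZONE_A = b"constructed-secret-for-key-zone-a"
ZONE_B = b"constructed-secret-for-key-zone-b"
LABELS = [b"2011-09-29", b"storage-service"]
MESSAGE = b"GET /resource/42"


def demo() -> dict:
    sig = expected_signature(ZONE_A, LABELS, MESSAGE)  # authenticating party's side
    return {
        "valid": authenticate(ZONE_A, LABELS, MESSAGE, sig),
        "altered_message": authenticate(ZONE_A, LABELS, b"GET /resource/43", sig),
        "other_key_zone": authenticate(ZONE_B, LABELS, MESSAGE, sig),
    }


if __name__ == "__main__":
    print(demo())
```

A verifier holding only the credential for one key zone rejects signatures derived from another zone's credential, which is what confines a leaked credential to its own zone.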

  • 2 Assignments