Time and event based one time password

US 9,258,124 B2
Filed: 04/21/2006
Issued: 02/09/2016
Est. Priority Date: 04/21/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

at a first time, changing a value of a time and event-based counter (TEC) in response to the passage of time;

at a second time, changing the value of the TEC in response to an occurrence of an event other than the passage of time, wherein at least one of the changing of the value in response to the passage of time or the changing of the value in response to the occurrence of the event decreases the value of the TEC; and

determining, by a processor, a one time password based on the changed value of the TEC when the event occurs and not when the passage of time occurs.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for generating a One Time Password (OTP) based upon a value TEC that can change based both upon the occurrence of an event and the passage of time. The OTP can be computed at a token and sent to a verifier. The verifier stores exact or estimated parameters necessary to compute one or more expected OTPs from the token, including TEC. The value TEC can be synchronized between the token and the verifier.

Citations

33 Claims

1. A method comprising:
- at a first time, changing a value of a time and event-based counter (TEC) in response to the passage of time;
  
  at a second time, changing the value of the TEC in response to an occurrence of an event other than the passage of time, wherein at least one of the changing of the value in response to the passage of time or the changing of the value in response to the occurrence of the event decreases the value of the TEC; and
  
  determining, by a processor, a one time password based on the changed value of the TEC when the event occurs and not when the passage of time occurs.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the one time password is further determined based on an adjunct value.
  - 3. The method of claim 2, wherein the adjunct value is based on a cryptographic key.
  - 4. The method of claim 2, wherein the adjunct value is based on a shared secret and public information.
  - 5. The method of claim 1, where the event is the pressing of a button.
  - 6. The method of claim 1, wherein the event is the selection of a dialog box.
  - 7. The method of claim 1, wherein the event is the meeting of a condition.
  - 8. The method of claim 1, wherein the value of the TEC is changed in response to the passage of time after a passage of a predetermined amount of time.
  - 9. The method of claim 1, wherein the value of the TEC is changed by T1 after T seconds.
  - 10. The method of claim 1, wherein the value of the TEC is changed after the occurrence of a predetermined plurality of the events.
  - 11. The method of claim 1, wherein the one time password is computed in accordance with the algorithm specified in RFC 4226.
  - 12. The method of claim 1, further comprising changing the value of the TEC in response to the passage of each of a plurality of separate time intervals.
  - 13. The method of claim 1, further comprising changing the value of the TEC in response to the occurrence of each of a plurality of separate events, each event being of the same type.
  - 14. The method of claim 13, wherein the event type is one of:
    - a button press, a key press, scanning a biometric, selection of a graphical interface element, activation of a computer application program, or activation of a feature of a computer application program.

15. An apparatus to generate a one time password, the apparatus comprising a processor to change a value of a TEC at a first time in response to the passage of time and to change the value of the TEC at a second time in response to the occurrence of an event other than the passage of time, and to compute a one time password based on the value of the TEC when the event occurs and not when the passage of time occurs, wherein at least one of the changing of the value in response to the passage of time or the changing of the value in response to the occurrence of the event decreases the value of the TEC.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
- - 16. The apparatus of claim 15, further comprising a memory and a display coupled to the processor.
  - 17. The apparatus of claim 16, wherein the processor is further to cause the display to show the one time password.
  - 18. The apparatus of claim 15, wherein the processor is further to change the value of the TEC by T1 when the processor detects the passage of T seconds.
  - 19. The apparatus of claim 15, wherein the processor is further to change the value of the TEC by E1 when the processor detects the occurrence of an event E.
  - 20. The apparatus of claim 15, wherein the processor is further to compute the one time password in accordance with the algorithm specified in RFC 4226.
  - 21. The apparatus of claim 15, the processor is further to change the value of the TEC in response to the passage of each of a plurality of separate time intervals.
  - 22. The apparatus of claim 15, the processor is further to change the value of the TEC in response to the occurrence of each of a plurality of separate events, each event being of the same type.
  - 23. The method of claim 22, wherein the event type is one of:
    - a button press, a key press, scanning a biometric, selection of a graphical interface element, activation of a computer application program, or activation of a feature of a computer application program.

24. A non-transitory machine-readable storage medium storing instructions to be executed by a processor to compute a one time password based upon a value that is changed at a first time responsive to the passage of time, and the value is also changed at a second time responsive to the occurrence of an event other than the passage of time, wherein the one time password is computed based upon the value when the event occurs and not when the passage of time occurs, and wherein at least one of the changing of the value responsive to the passage of time or the changing of the value responsive to the occurrence of the event decreases the value of the TEC.
- View Dependent Claims (25)
- - 25. The medium of claim 24, wherein the one time password is computed based upon an adjunct value.

26. A method of generating a one-time password by a token, comprising:
- initializing a counter, the value of the counter being stored in a computer-readable storage medium in the token;
  
  at a first time, changing the value of the counter a first time solely in response to the passage of a time interval;
  
  at a second time, changing the value of the counter based on the occurrence of an event other than the passage of the time interval, wherein at least one of the changing of the value in response to the passage of the time interval or the changing of the value based on the occurrence of the event decreases the value of the counter; and
  
  generating, by a processor contained in the token, the one-time password based on the value of the counter when the event occurs and not when the passage of time occurs.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33)
- - 27. The method of claim 26, wherein the one time password is further generated based upon an adjunct value.
  - 28. The method of claim 27, wherein the adjunct value is based upon a shared secret.
  - 29. The method of claim 27, wherein the adjunct value is based upon a shared secret and public information.
  - 30. The method of claim 26, wherein the one time password is generated in accordance with the algorithm specified in RFC 4226.
  - 31. The method of claim 26, further comprising changing the value of the counter in response to the passage of each of a plurality of separate time intervals.
  - 32. The method of claim 26, further comprising changing the value of the counter in response to the occurrence of each of a plurality of separate events, each event being of the same type.
  - 33. The method of claim 32, wherein the event type is one of:
    - a button press, a key press, scanning a biometric, selection of a graphical interface element, activation of a computer application program, or activation of a feature of a computer application program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Symantec Corporation (NortonLifeLock Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
M'Raihi, David
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US11/407,996
Publication Number

US 20070250923A1
Time in Patent Office

3,581 Days
Field of Search

726/18, 713/184, 380/262
US Class Current

1/1
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 9/0863   involving passwords or one-...

H04L 9/12   Transmitting and receiving ...

H04L 9/3228   One-time or temporary data,...

H04L 9/3234   involving additional secure...

H04L 9/3242   involving keyed hash functi...

Time and event based one time password

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Time and event based one time password

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links