Recovery mechanism for fault-tolerant split-server passcode verification of one-time authentication tokens

US 9,350,545 B1
Filed: 06/30/2014
Issued: 05/24/2016
Est. Priority Date: 06/30/2014
Status: Active Grant

First Claim

Patent Images

1. A recovery method for a split-server passcode verification system comprising a plurality of authentication servers, said recovery method comprising:

determining that a first one of said plurality of authentication servers is unavailable;

instructing a second one of said plurality of authentication servers to enter a recovery mode based on the determination that the first one of said plurality of authentication servers is unavailable, wherein prior to said first authentication server becoming unavailable, at least one of said first and second authentication servers provide a respective secret key used to protect a partial secret state to a relying party and said second authentication server receives an encrypted version of said respective partial secret state of said first authentication server;

obtaining said encrypted partial secret state of said first authentication server from said second authentication server;

decrypting said received said encrypted partial secret state of said first authentication server to recover said partial secret state of said first authentication server; and

employing said recovered partial secret state of said first authentication server to perform a split-server passcode verification of at least one user with said second authentication server.

View all claims

18 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A recovery mechanism is provided for split-server passcode verification systems. An exemplary server-centric recovery scheme enables the system to respond to authentication attempts even if an authentication server is unavailable. The exemplary server-centric recovery scheme allows a periodic exchange of encrypted partial secret states among the authentication servers. Recovery occurs by allowing the decryption of the encrypted partial secret state that corresponds to the server that is unresponsive. An exemplary token-centric recovery scheme comprises determining that a first authentication server is unavailable; applying an authentication mechanism to a message requesting a token to change to a new split-state mode; and sending the authenticated message to the token.

22 Citations

View as Search Results

16 Claims

1. A recovery method for a split-server passcode verification system comprising a plurality of authentication servers, said recovery method comprising:
- determining that a first one of said plurality of authentication servers is unavailable;
  
  instructing a second one of said plurality of authentication servers to enter a recovery mode based on the determination that the first one of said plurality of authentication servers is unavailable, wherein prior to said first authentication server becoming unavailable, at least one of said first and second authentication servers provide a respective secret key used to protect a partial secret state to a relying party and said second authentication server receives an encrypted version of said respective partial secret state of said first authentication server;
  
  obtaining said encrypted partial secret state of said first authentication server from said second authentication server;
  
  decrypting said received said encrypted partial secret state of said first authentication server to recover said partial secret state of said first authentication server; and
  
  employing said recovered partial secret state of said first authentication server to perform a split-server passcode verification of at least one user with said second authentication server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein said step of employing said recovered partial secret state of said first authentication server to perform said split-server passcode verification is performed until one or more of said first authentication server is available and a replacement authentication server is initiated.
  - 3. The method of claim 1, wherein said first and second authentication servers exchange an encrypted version of said respective partial secret stat.
  - 4. The method of claim 1, further comprising the steps of generating secret keys sk_B,t, sk_R,tfor said first and second authentication servers, respectively;
    - obtaining a respective partial secret state σ
      
      _B,t, σ
      
      _R,tfrom said first and second authentication servers, respectively;
      
      encrypting said respective partial secret states σ
      
      _B,t, σ
      
      _R,tusing at least one encryption key; and
      
      providing each of said encrypted versions c_B,t, c_R,tof said respective partial secret state σ
      
      _B,t, σ
      
      _R,tto the other of said authentication servers.
  - 5. The method of claim 1, wherein said at least one of said first and second authentication servers provide a respective secret key used to protect a partial secret state to a relying party and said second authentication server receives an encrypted version of said respective partial secret state of said first authentication server substantially simultaneously with a proactivization process.
  - 6. The method of claim 1, wherein said first and second authentication servers provide an “
    - aliveness”
      
      message to at least one other server.
  - 7. The method of claim 1, wherein each of said encrypted partial secret states is encrypted under an independent master secret key unknown to said authentication server receiving said encrypted partial secret state.
  - 8. The method of claim 1, wherein said second authentication server receives an encrypted version of said respective partial secret state of said first authentication server at a recovery state update rate.

9. An apparatus in a split-server passcode verification system comprising a plurality of authentication servers, comprising:
- a memory; and
  
  at least one hardware device, coupled to the memory, operative to implement the following steps;
  
  determining that a first one of said plurality of authentication servers is unavailable;
  
  instructing a second one of said plurality of authentication servers to enter a recovery mode based on the determination that the first one of said plurality of authentication servers is unavailable, wherein prior to said first authentication server becoming unavailable, at least one of said first and second authentication servers provide a respective secret key used to protect a partial secret state to a relying party and said second authentication server receives an encrypted version of said respective partial secret state of said first authentication server;
  
  obtaining said encrypted partial secret state of said first authentication server from said second authentication server;
  
  decrypting said received said encrypted partial secret state of said first authentication server to recover said partial secret state of said first authentication server; and
  
  employing said recovered partial secret state of said first authentication server to perform a split-server passcode verification of at least one user with said second authentication server.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The apparatus of claim 9 wherein said step of employing said recovered partial secret state of said first authentication server to perform said split-server passcode verification is performed until one or more of said first authentication server is available and a replacement authentication server is initiated.
  - 11. The apparatus of claim 9 wherein said first and second authentication servers exchange an encrypted version of said respective partial secret state.
  - 12. The apparatus of claim 9, wherein said at least one hardware device is further configured to implement the steps of generating secret keys sk_B,t, sk_R,tfor said first and second authentication servers, respectively;
    - obtaining a respective partial secret state σ
      
      _B,t, σ
      
      _R,tfrom said first and second authentication servers, respectively;
      
      encrypting said respective partial secret states σ
      
      _B,t, σ
      
      _R,tusing at least one encryption key; and
      
      providing each of said encrypted versions C_B,t, c_R,tof said respective partial secret state σ
      
      B,t, σ
      
      R,t to the other of said authentication servers.
  - 13. The apparatus of claim 9, wherein said at least one of said first and second authentication servers provide a respective secret key used to protect a partial secret state to a relying party and said second authentication server receives an encrypted version of said respective partial secret state of said first authentication server substantially simultaneously with a proactivization process.
  - 14. The apparatus of claim 9, wherein said first and second authentication servers provide an “
    - aliveness”
      
      message to at least one other server.
  - 15. The apparatus of claim 9, wherein each of said encrypted partial secret states is encrypted under an independent master secret key unknown to said authentication server receiving said encrypted partial secret state.
  - 16. The apparatus of claim 9, wherein said second authentication server receives an encrypted version of said respective partial secret state of said first authentication server at a recovery state update rate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RSA Security LLC (Symphony Technology Group LLC)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Triandopoulos, Nikolaos, Brainard, John
Primary Examiner(s)
Gee, Jason K.
Assistant Examiner(s)
Zhu, Zhimei

Application Number

US14/319,417
Time in Patent Office

694 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0838   using one-time-passwords

H04L 9/085   Secret sharing or secret sp...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

H04L 9/3234   involving additional secure...

Recovery mechanism for fault-tolerant split-server passcode verification of one-time authentication tokens

First Claim

18 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Recovery mechanism for fault-tolerant split-server passcode verification of one-time authentication tokens

First Claim

18 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links