Split channel authenticity queries in multi-party dialog
First Claim
1. A method of authenticating a challenged party, the method comprising:
- receiving at a communication device a request for an authenticity challenge;
in response to receiving the request, the communication device sending an authenticity challenge query data string to the challenged party using n authentication information parts, each part sent using one of n different communication channels, wherein the authenticity challenge query data string comprises a question that is answerable by the challenged party if the challenged party is authentic, wherein n is an integer greater than or equal to two, and wherein the question cannot be derived from any one of the n authentication information parts;
receiving at the communication device an answer to the question from the challenged party; and
responsive to determining using a processor of the communication device that the answer is correct, authenticating the challenged party and allowing the challenged party to participate in or to continue participating in a multi-party dialog.
4 Assignments
0 Petitions
Accused Products
Abstract
Authenticity of a proposed future or current participant in a multi-party dialog is checked by splitting an authenticity challenge query into at least two portions wherein none of the portions individually contains sufficient information to fully define the challenge query. These separated portions are then sent to another dialog participant over at least two different communication channels thus enhancing the probability that a successive challenge response is authentic. The authenticity challenge query and splitting thereof into plural portions may include formation of a logical combination (e.g., exclusive-OR) of first and second data strings (one of which may be a challenge question) to produce a resultant third data string where the separated and separately communicated portions include the first and third data strings as separate portions as being sent over respectively different communication channels.
-
Citations
27 Claims
-
1. A method of authenticating a challenged party, the method comprising:
-
receiving at a communication device a request for an authenticity challenge; in response to receiving the request, the communication device sending an authenticity challenge query data string to the challenged party using n authentication information parts, each part sent using one of n different communication channels, wherein the authenticity challenge query data string comprises a question that is answerable by the challenged party if the challenged party is authentic, wherein n is an integer greater than or equal to two, and wherein the question cannot be derived from any one of the n authentication information parts; receiving at the communication device an answer to the question from the challenged party; and responsive to determining using a processor of the communication device that the answer is correct, authenticating the challenged party and allowing the challenged party to participate in or to continue participating in a multi-party dialog. - View Dependent Claims (2, 3, 4, 5, 9)
-
- 6. The method as claimed in 1, further comprising forming, using the authenticity challenge query data string and a first data string, at least a second data string, wherein the n authentication information parts comprise the first and second data strings.
-
10. A method of authenticating a challenged party, the method comprising:
-
receiving, by the challenged party, n authentication information parts, each part received via one of n different communication channels; using a processor to reconstruct an authenticity challenge query data string from the n authentication information parts, wherein the authenticity challenge query data string comprises a question that is answerable by the challenged party if the challenged party is authentic, wherein n is an integer greater than or equal to two, and wherein the question cannot be derived from any one of the n authentication information parts; using the processor to formulate the answer to the question of the authenticity challenge query data string; sending the answer to an entity to authenticate the challenged party; and participating in or continuing participation in a multi-party dialog if the answer is correct. - View Dependent Claims (11, 12)
-
-
13. A system of authenticating a challenged party, the system comprising:
a first communication device comprising a processor configured to; receive a request for an authenticity challenge; in response to receiving the request, send an authenticity challenge query data string to the challenged party using n authentication information parts, each part sent using one of n different communication channels, wherein the authenticity challenge query data string comprises a question that is answerable by the challenged party if the challenged party is authentic, wherein n is an integer greater than or equal to two, and wherein the question cannot be derived from any one of the n authentication information parts; receive an answer to the question from the challenged party; and responsive to determining that the answer is correct, authenticate the challenged party and allow the challenged party to participate in or to continue participating in a multi-party dialog. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
26. A non-transitory computer-readable storage medium comprising instructions, which, when executed by a processor, cause the processor to:
-
receive a request for an authenticity challenge; in response to receiving the request, send an authenticity challenge query data string to a challenged party using n authentication information parts, each part sent using one of n different communication channels, wherein the authenticity challenge query data string comprises a question that is answerable by the challenged party if the challenged party is authentic, wherein n is an integer greater than or equal to two, and wherein the question cannot be derived from any one of the n authentication information parts; receive an answer to the question from the challenged party; and responsive to determining that the answer is correct, authenticate the challenged party.
-
-
27. A non-transitory computer-readable storage medium comprising instructions, which, when executed by a processor, cause the processor to:
-
receive, by a challenged party, n authentication information parts, each part received via one of n different communication channels; reconstruct an authenticity challenge query data string from the n authentication information parts, wherein the authenticity challenge query data string comprises a question that is answerable by the challenged party if the challenged party is authentic, wherein n is an integer greater than or equal to two, and wherein the question cannot be derived from any one of the n authentication information parts; formulate the answer to the question of the authenticity challenge query data string; send the answer to an entity to authenticate the challenged party; and participate in or continue participation in a multi-party dialog if the answer is correct.
-
Specification