Cryptographic security functions based on anticipated changes in dynamic minutiae
First Claim
1. An identity recognition system comprising:
a non-transitory memory storing information associated with one or more identities, wherein the information stored for an identity includes (a) data values associated with that identity; and
(b) information regarding anticipated changes to one or more of the stored data values associated with that identity;
one or more hardware processors in communication with the memory and configured to execute instructions to cause the identity recognition system to recognize that the presentation of identity information by a computer is authentic, by performing operations comprising:
generating a challenge to the computer, wherein the challenge prompts the computer to provide a response based on one or more data values from the computer that correspond to one or more of the stored data values associated with the identity;
receiving, from the computer, the response to the challenge;
determining whether the response is allowable, wherein such determining comprises using the stored information regarding anticipated changes to the stored data values associated with the identity to determine whether a data value used to form the response is based on an acceptable change to a corresponding stored data value; and
recognizing that the presentation of identity information by the computer is authentic, according to whether the computer has provided an allowable response to the challenge.
Abstract
Dynamic key cryptography validates mobile device users to cloud services by uniquely identifying the user's electronic device using a very wide range of hardware, firmware, and software minutiae, user secrets, and user biometric values found in or collected by the device. Processes for uniquely identifying and validating the device include: selecting a subset of minutia from a plurality of minutia types; computing a challenge from which the user device can form a response based on the selected combination of minutia; computing a set of pre-processed responses that covers a range of all actual responses possible to be received from the device if the combination of the particular device with the device's collected actual values of minutia is valid; receiving an actual response to the challenge from the device; determining whether the actual response matches any of the pre-processed responses; and providing validation, enabling authentication, data protection, and digital signatures.
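The process in the abstract, sketched as an added example that is not code from the patent: the verifier stores each minutia value with its anticipated changes, pre-computes every allowable response to a challenge, and accepts a device response only if it matches one. The HMAC-based response function, the field names and all sample values are assumptions constructed for illustration.

```python
import hashlib, hmac, itertools, secrets

# Constructed enrolment record: the stored value of each minutia plus the
# values it is anticipated to change to (e.g. a pending OS update).
STORED = {
    "os_build":  {"value": "17.4.1", "anticipated": ["17.5", "17.5.1"]},
    "carrier":   {"value": "ExampleTel", "anticipated": []},
    "app_count": {"value": "42", "anticipated": ["41", "43"]},
    "hw_serial": {"value": "SN-CONSTRUCTED-001", "anticipated": []},
}

def form_response(nonce, names, values):
    """Assumed response function: HMAC over the nonce, keyed by the minutia values."""
    material = "\x1f".join(f"{n}={v}" for n, v in zip(names, values))
    key = hashlib.sha256(material.encode()).digest()
    return hmac.new(key, nonce, hashlib.sha256).digest()

def make_challenge(record, k=3):
    """Select a random subset of minutia and bind it to a fresh nonce."""
    names = sorted(secrets.SystemRandom().sample(sorted(record), k))
    return {"nonce": secrets.token_bytes(16), "names": names}

def preprocessed_responses(record, challenge):
    """Map every allowable response to the value combination that produces it."""
    names = challenge["names"]
    options = [[record[n]["value"], *record[n]["anticipated"]] for n in names]
    return {form_response(challenge["nonce"], names, combo): combo
            for combo in itertools.product(*options)}

def verify(record, challenge, response):
    """Return the matched value combination if the response is allowable, else None."""
    matched = None
    for candidate, combo in preprocessed_responses(record, challenge).items():
        if hmac.compare_digest(candidate, response):  # constant-time comparison
            matched = combo
    return matched

def device_respond(device_values, challenge):
    """Device side: answer from the values actually present on the device."""
    names = challenge["names"]
    return form_response(challenge["nonce"], names,
                         [device_values[n] for n in names])
```

The combination returned by `verify` tells the verifier which anticipated change occurred, so the stored record can be updated. The candidate set grows as the product of the allowed values per selected minutia, which bounds how many anticipated changes can be tolerated per challenge.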
25 Claims
24. An identity recognition system comprising:
a non-transitory memory storing information associated with one or more identities, wherein the information stored for an identity includes (a) data values associated with that identity;
one or more hardware processors in communication with the memory and configured to execute instructions to cause the identity recognition system to recognize that the presentation of identity information by a computer is authentic, by performing operations comprising:
generating a challenge, wherein the challenge originates at the computer and prompts the computer to transmit an identity claim comprising identity information;
receiving, from the computer, one or more communications comprising the identity claim comprising identity information, wherein at least a portion of the identity claim is formed based on one or more data values from the computer, and wherein at least one of the data values used to form the identity claim corresponds to a stored data value;
determining whether the one or more communications received from the computer are sufficient to recognize that the identity claim is allowable, wherein such determining comprises using the stored information regarding anticipated changes to the stored data values to determine whether a data value used to form the identity claim is based on an acceptable change to a corresponding stored data value associated with the identity; and
recognizing that the presentation of identity information by the computer is authentic, according to whether the computer has provided an allowable identity claim in response to the challenge.
25. An identity recognition system comprising:
a non-transitory memory storing information associated with one or more identities, wherein the information stored for an identity includes (a) data values associated with that identity; and
(b) information regarding anticipated changes to one or more of the stored data values associated with that identity;
one or more hardware processors in communication with the memory and configured to execute instructions to cause the identity recognition system to recognize that the presentation by a first computer of an identity claim is authentic, by performing operations comprising:
generating a challenge, wherein the challenge originates at a second computer distinct from the first computer and prompts the first computer to transmit an identity claim comprising identity information;
receiving, from the first computer, a communication comprising the identity claim comprising identity information, wherein the identity claim is based on one or more data values from the first computer, and wherein at least one of the data values upon which the communication is based corresponds to a stored data value for the identity;
determining whether the communication received from the first computer is sufficient to recognize that the identity claim is allowable, wherein such determining comprises using the stored information regarding anticipated changes to the stored data values to determine whether a data value upon which the communication is based reflects an acceptable change to a corresponding stored data value associated with the identity; and
recognizing that the presentation of identity information by the first computer is authentic, according to whether the first computer has provided an allowable identity claim in response to the challenge.
Specification