System and method for secure authentication

US 9,940,463 B2
Filed: 08/30/2017
Issued: 04/10/2018
Est. Priority Date: 12/04/2009
Status: Active Grant

First Claim

Patent Images

1. A method for device authentication comprising:

receiving, by processing hardware of a first device, a message from a second device to authenticate the first device;

retrieving, by the processing hardware, a secret value from secure storage hardware operatively coupled to the processing hardware;

deriving, by the processing hardware, a validator from the secret value using a path through a key tree, wherein the path identifies a plurality of entropy distribution operations and is based on dividing the message into a plurality of parts, wherein the key tree avoids leakage of the secret value at least in part by computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on a different part of the plurality of parts of the message and a prior key; and

exchanging the validator between the first device and the second device as part of a challenge-response protocol in order to authenticate the first device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for device authentication comprises receiving, by processing hardware of a first device, a message from a second device to authenticate the first device. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware derives a validator from the secret value using a path through a key tree, wherein the path is based on the message, wherein deriving the validator using the path through the key tree comprises computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on at least a portion of the message and a prior key. The first device then sends the validator to the second device.

Citations

14 Claims

1. A method for device authentication comprising:
- receiving, by processing hardware of a first device, a message from a second device to authenticate the first device;
  
  retrieving, by the processing hardware, a secret value from secure storage hardware operatively coupled to the processing hardware;
  
  deriving, by the processing hardware, a validator from the secret value using a path through a key tree, wherein the path identifies a plurality of entropy distribution operations and is based on dividing the message into a plurality of parts, wherein the key tree avoids leakage of the secret value at least in part by computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on a different part of the plurality of parts of the message and a prior key; and
  
  exchanging the validator between the first device and the second device as part of a challenge-response protocol in order to authenticate the first device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A method as in claim 1, wherein the first device comprises a printer cartridge and the second device comprises a printer.
  - 3. A method as in claim 1, wherein a first part of the plurality of parts determines a first leg of the path through the key tree and a second part of the plurality of parts determines a second leg of the path through the key tree, and wherein the first leg of the path is associated with a first entropy distribution operation and the second leg of the path is associated with a second entropy distribution operation.
  - 4. A method as in claim 1, further comprisingcomparing, at the second device, the validator to an expected response generated by the second device;
    - andverifying at the second device that the first device is authentic when the validator matches the expected response.
  - 5. A method as in claim 4, wherein the expected response comprises an expected validator, the method further comprising:
    - deriving the expected validator from an additional secret value at the second device using the path through the key tree, wherein the path is based on the message.
  - 6. A method as in claim 4, the method further comprising:
    - deriving, at the second device, a second validator using the path through the key tree;
      
      sending the second validator to the first device; and
      
      verifying at the first device that the second device is authentic when the second validator matches an expected value.

7. A system, comprising:
- a first device comprising secure storage hardware and processing hardware operatively coupled to the secure storage hardware, wherein the secure storage hardware is to store a secret value and the processing hardware is to;
  
  receive a message from a second device to authenticate the first device;
  
  retrieve the secret value from the secure storage hardware;
  
  derive a validator from the secret value using a path through a key tree, wherein the path identifies a plurality of entropy distribution operations and is based on dividing the message into a plurality of parts, wherein the key tree avoids leakage of the secret value at least in part by, computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on a different part of the plurality of parts of the message and a prior key; and
  
  exchange the validator between the first device and the second device as part of a challenge-response protocol in order to authenticate the first device.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The system of claim 7, further comprising the second device, wherein the second device is to:
    - generate an expected response;
      
      compare the validator to the expected response;
      
      determine whether the validator matches the expected response; and
      
      verify that the first device is authentic responsive to determining that the validator matches the expected response.
  - 9. The system of claim 8, wherein the expected response comprises an expected validator, and wherein the second device is to:
    - derive the expected validator from an additional secret value at the second device using the path through the key tree.
  - 10. The system of claim 7, wherein the first device comprises a printer cartridge and the second device comprises a printer.
  - 11. The system of claim 7, wherein a first part of the plurality of parts determines a first leg of the path through the key tree and a second part of the plurality of parts determines a second leg of the path through the key tree, and wherein the first leg of the path is associated with a first entropy distribution operation and the second leg of the path is associated with a second entropy distribution operation.

12. A system comprising:
- a first device comprising processing hardware, wherein the processing hardware is to;
  
  send a message to a second device as part of a challenge-response protocol in order to authenticate the first device;
  
  receive a response from the second device as part of the challenge-response protocol, the response comprising a first validator;
  
  derive a second validator from a secret value using a path through a key tree, wherein the path identifies a plurality of entropy distribution operations and is based on dividing the message into a plurality of parts, wherein the key tree avoids leakage of the secret value at least in part by, computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on a different part of the plurality of parts of the message and a prior key;
  
  compare the first validator to the second validator;
  
  determine whether the first validator matches the second validator; and
  
  verify that the second device is authentic responsive to determining that the first validator matches the second validator.
- View Dependent Claims (13, 14)
- - 13. The system of claim 12, wherein a first part of the plurality of parts determines a first leg of the path through the key tree and a second part of the plurality of parts determines a second leg of the path through the key tree, and wherein the first leg of the path is associated with a first entropy distribution operation and the second leg of the path is associated with a second entropy distribution operation.
  - 14. The system of claim 12, wherein the first device comprises a printer and the second device comprises a printer cartridge.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cryptography Research, Inc. (Rambus Inc.)
Original Assignee
Cryptography Research, Inc. (Rambus Inc.)
Inventors
Kocher, Paul, Rohatgi, Pankaj, Jaffe, Joshua M.
Primary Examiner(s)
LYNCH, SHARON S

Application Number

US15/691,601
Publication Number

US 20180004957A1
Time in Patent Office

223 Days
Field of Search
US Class Current
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/556   involving covert channels, ...

G06F 21/575   Secure boot

G06F 21/602   Providing cryptographic fac...

G06F 21/755   with measures against power...

G06F 21/76   in application-specific int...

G06F 2212/402   Encrypted data

G06F 2221/034   Test or assess a computer o...

G06F 2221/2107   File encryption

G06F 2221/2125   Just-in-time application of...

G06F 2221/2145   Inheriting rights or proper...

G06F 8/71   Version control security ar...

G06F 9/44505   Configuring for program ini...

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2209/56   Financial cryptography, e.g...

H04L 2463/061   applying further key deriva...

H04L 63/0428   wherein the data content is...

H04L 63/0869   for achieving mutual authen...

H04L 9/003   for power analysis, e.g. di...

H04L 9/0631   Substitution permutation ne...

H04L 9/085 : Secret sharing or secret sp...

H04L 9/0861 : Generation of secret inform...

H04L 9/088 : Usage controlling of secret...

H04L 9/0894 : Escrow, recovery or storing...

H04L 9/16 : the keys or algorithms bein...

H04L 9/3236 : using cryptographic hash fu...

H04L 9/3247 : involving digital signatures

H04L 9/3271 : using challenge-response

H04L 9/50 : using hash chains, e.g. blo...

View All

System and method for secure authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links