Generating cryptographic challenges to communication requests
First Claim
1. A system comprising:
a memory configured to store computer-executable instructions;
a communication component circuitry for communicating over a communication network with a client computing device; and
at least one processor, wherein the computer-executable instructions, when executed, configure the at least one processor to:
receive a request from the client computing device through the communication network;
assign a confidence level to the client computing device based at least in part on identification information associated with at least one of the client computing device or a user account associated with the request;
determine a target amount of computations for the client computing device to compute a response based at least in part on the confidence level assigned to the client computing device, and wherein the system selects parameters used to generate a cryptographic challenge based at least in part on the target amount of computations for the client computing device;
generate an ordered plurality of secret keys;
generate an ordered plurality of messages;
generate a first ordered plurality of message authentication codes, wherein each message authentication code is generated from a corresponding key of the ordered plurality of secret keys and a corresponding message of the ordered plurality of messages, wherein each message after a first message of the ordered plurality of messages is generated based at least in part on a secret key of the ordered plurality of secret keys used to generate a previous message authentication code of the ordered plurality of message authentication codes;
generate the cryptographic challenge, wherein the cryptographic challenge comprises the first message and the ordered plurality of message authentication codes;
transmit the cryptographic challenge to the client computing device through the communication network;
receive a challenge response to the cryptographic challenge from the client computing device through the communication network;
determine whether the challenge response includes at least a determined secret key of the ordered plurality of secret keys used to generate a determined message authentication code of the ordered plurality of message authentication codes; and
transmit a request response to the request to the client computing device through the communication network based, at least in part, on a result of the determination.
Abstract
Embodiments of a system or method useful in forcing a computing system to perform a target amount of computations is disclosed. The actual amount of computations may vary from the target amount to within a selected maximum variation. Embodiments of the system or method involve generating a cryptographic challenge to which the computing system needs to compute a response to validate a request from the computing system.
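The challenge construction recited in claim 1, as an added Python sketch (not code from the patent or its assignee): the server chains the MACs so that each key must be recovered by search before the next message is known, and the search is bounded by `n_keys * 2**key_bits` MAC evaluations. Assumptions: HMAC-SHA256 as the MAC, SHA-256 of the previous key as the next message, 12-bit keys, the confidence tiers in `select_params`, and checking only the last key in `verify`.

```python
import hashlib
import hmac
import secrets

def select_params(confidence: float) -> tuple[int, int]:
    # Hypothetical tiers: lower confidence -> more chained keys (more client work).
    n_keys = 2 if confidence >= 0.8 else 8 if confidence >= 0.4 else 32
    return n_keys, 12  # (number of keys, bits per key); both values are assumed

def mac(key: int, message: bytes) -> bytes:
    return hmac.new(key.to_bytes(4, "big"), message, hashlib.sha256).digest()

def next_message(prev_key: int) -> bytes:
    # Assumed derivation: the claim only requires dependence on the previous key.
    return hashlib.sha256(b"next-message" + prev_key.to_bytes(4, "big")).digest()

def make_challenge(n_keys: int, key_bits: int):
    keys = [secrets.randbelow(1 << key_bits) for _ in range(n_keys)]
    first = message = secrets.token_bytes(16)
    macs = []
    for key in keys:
        macs.append(mac(key, message))
        message = next_message(key)
    return {"first_message": first, "macs": macs, "key_bits": key_bits}, keys

def solve(challenge):
    message, found, tries = challenge["first_message"], [], 0
    for tag in challenge["macs"]:
        for candidate in range(1 << challenge["key_bits"]):
            tries += 1
            if hmac.compare_digest(mac(candidate, message), tag):
                found.append(candidate)
                message = next_message(candidate)  # unlocks the next link
                break
        else:
            raise ValueError("no key in the search space matches this MAC")
    return found, tries

def verify(keys, response) -> bool:
    # Server side: the response must contain the last key of the chain.
    if not response or not 0 <= response[-1] < 2**32:
        return False
    return hmac.compare_digest(response[-1].to_bytes(4, "big"), keys[-1].to_bytes(4, "big"))
```

The server keeps `keys` and sends only the challenge dictionary; the client returns the list from `solve`.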
15 Claims
13. A computer-implemented method comprising:
receiving a request from a client computing device through a communication network;
assigning a confidence level to the client computing device based at least in part on identification information associated with at least one of the client computing device or a user account associated with the request;
determining a target amount of computations for the client computing device to compute the response based at least in part on the confidence level assigned to the client computing device, and wherein the system selects parameters used to generate a cryptographic challenge based at least in part on the target amount of computations for the client computing device;
generating an ordered plurality of secret keys;
generating an ordered plurality of messages;
generating an ordered plurality of message authentication codes, wherein each message authentication code is generated from a corresponding key of the ordered plurality of secret keys and a corresponding message of the ordered plurality of messages, wherein each message after a first message of the ordered plurality of messages is generated based at least in part on a secret key of the ordered plurality of secret keys used to generate a previous message authentication code of the ordered plurality of message authentication codes;
generating the cryptographic challenge, wherein the cryptographic challenge comprises the first message and the ordered plurality of message authentication codes;
transmitting the cryptographic challenge to the client computing device through the communication network;
receiving a challenge response to the cryptographic challenge from the client computing device through the communication network;
determining whether the challenge response includes at least a determined secret key of the ordered plurality of secret keys used to generate a determined message authentication code of the ordered plurality of message authentication codes; and
transmitting a request response to the request to the client computing device through the communication network based, at least in part, on a result of the determination.
14. A non-transitory computer readable medium comprising computer-executable instructions that, when executed by a computing system, cause the computing system to:
receive a request from a client computing device through a communication network;
assign a confidence level to the client computing device based at least in part on identification information associated with at least one of the client computing device or a user account associated with the request;
determine a target amount of computations for the client computing device to compute a response based at least in part on the confidence level assigned to the client computing device, and wherein the system selects parameters used to generate a cryptographic challenge based at least in part on the target amount of computations for the client computing device;
generate the cryptographic challenge, wherein the cryptographic challenge comprises a first message and an ordered plurality of message authentication codes, wherein each message authentication code is generated from a corresponding secret key of an ordered plurality of secret keys and a corresponding message of an ordered plurality of messages, wherein each message after the first message is generated based at least in part on a secret key of the ordered plurality of secret keys used to generate a previous message authentication code of the ordered plurality of message authentication codes;
transmit the cryptographic challenge to the client computing device through the communication network;
receive a challenge response to the cryptographic challenge from the client computing device through the communication network;
determine whether the challenge response includes at least a determined secret key of the ordered plurality of secret keys used to generate a determined message authentication code of the ordered plurality of message authentication codes; and
transmit a request response to the request to the client computing device through the communication network based, at least in part, on a result of the determination.