Method to manage a one time password key
First Claim
1. A method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in a user device having access to an unsafe storage including the preliminary steps of:
- retrieving a Personal Identification Number, named PIN, of a user of the user device,
- deriving a symmetric key from the PIN,
- encrypting the OTP key using the derived symmetric key,
- storing the encrypted OTP key in the unsafe storage

the method further comprising the following steps, when the calculation of an OTP is required;
- retrieving a PIN of a user of the user device,
- decrypting the stored OTP key using the derived symmetric key, and
- using said decrypted OTP key and an incremental parameter to generate a next OTP,

wherein the incremental parameter has values within an interval in which the number of possible values for the incremental parameter is limited and the algorithm is such that a counter is not wrapped, and the start value of the incremental parameter of the OTP generation is a generated random value chosen in a limited interval of possible values for the incremental parameter, and wherein, in the case the counter is incremented, the limited interval is one including lowest bits.
Abstract
The present invention relates to a method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in a user device having access to an unsafe storage including the steps of retrieving a Personal Identification Number, named PIN, of a user of the user device, deriving a symmetric key from the PIN, encrypting the OTP key using the derived symmetric key, storing the encrypted OTP key in the unsafe storage, decrypting the OTP key using the derived symmetric key, and generating a next OTP key using an incremental parameter, wherein the start value of the incremental parameter of the OTP key generation is random.
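The flow in the abstract, sketched as an added example that is not taken from the patent or from any implementation of it. Assumptions: PBKDF2 as the PIN-to-key derivation, an XOR with the derived key standing in for the symmetric cipher, HOTP (RFC 4226) as the OTP algorithm with an 8-byte counter as the incremental parameter, a 32-bit random start interval, and all function and field names.

```python
import hashlib
import hmac
import secrets
import struct

PBKDF2_ITERATIONS = 200_000   # assumed work factor, not from the patent
COUNTER_START_BITS = 32       # assumed size of the start interval (lowest bits)
COUNTER_MAX = 2 ** 64 - 1     # HOTP counter is 8 bytes wide

def derive_key(pin: str, salt: bytes, length: int) -> bytes:
    """Derive a symmetric key from the PIN (PBKDF2 is an assumed choice)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt,
                               PBKDF2_ITERATIONS, dklen=length)

def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Stand-in for the symmetric cipher; a real device would use e.g. AES."""
    return bytes(a ^ b for a, b in zip(data, key))

def provision(pin: str, otp_key: bytes) -> dict:
    """Preliminary steps: derive key from PIN, encrypt OTP key, store it."""
    salt = secrets.token_bytes(16)
    blob = xor_bytes(otp_key, derive_key(pin, salt, len(otp_key)))
    # Random start value confined to the lowest bits, so incrementing
    # the counter cannot wrap the 64-bit value in practice.
    counter = secrets.randbelow(2 ** COUNTER_START_BITS)
    return {"salt": salt, "blob": blob, "counter": counter}  # "unsafe storage"

def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def next_otp(pin: str, record: dict) -> str:
    """On demand: re-derive key from PIN, decrypt OTP key, generate next OTP."""
    if record["counter"] >= COUNTER_MAX:
        raise OverflowError("counter exhausted; refusing to wrap")
    key = xor_bytes(record["blob"],
                    derive_key(pin, record["salt"], len(record["blob"])))
    otp = hotp(key, record["counter"])
    record["counter"] += 1
    return otp
```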
Specification