Method and system for state machine security device
Abstract
A security device may be utilized to provide security measures to an electronic device that may incorporate the security device or be coupled to it. The security measures may comprise authentication (e.g., authentication of devices, users, or activities) and/or encryption measures (e.g., encrypting or decrypting exchanged data). A transaction or access via the security device may be authenticated by communicating an authentication request by the security device to an authentication server, which may generate, in response, a sequence of information requests that are sent to the security device. The security device may then generate, in response, a sequence of responses that are sent to the authentication server, with the sequence of responses comprising a sequence of reported values, each of which is unique. The authentication server may then authenticate the security device by comparing the sequence of reported values with a sequence of expected values that identifies the security device.
31 Claims
1. A method for authenticating a transaction or access via a security device, the method comprising:
- communicating an authentication request by the security device to an authentication server;
- for a sequence of information requests comprising a plurality of information requests:
- receiving an information request in the plurality of information requests at the security device from the authentication server;
- in response to the received information request, sending a response from the security device to the authentication server, the response comprising a value generated based on a current state in a plurality of states of an internal authentication state machine in the security device; and
- repeating said receiving and said sending for each information request in the plurality of information requests to traverse the authentication state machine until sending a response to a last information request in the sequence of information requests, wherein the values sent to the authentication server comprise a sequence of reported values,
- wherein the security device is authenticated by the authentication server based on comparing of the sequence of reported values with a sequence of expected values used by the authentication server in uniquely identifying the security device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 30
14. A security device, comprising:
one or more circuits configured to:
- communicate an authentication request to an authentication server;
- for a sequence of information requests comprising a plurality of information requests:
- receive an information request in the plurality of information requests at the security device from the authentication server;
- send, in response to the information request, a response in a sequence of responses to the authentication server, the response comprising a value generated based on a current state in a plurality of states of an internal authentication state machine in the security device; and
- repeat said receiving and said sending for each information request in the plurality of information requests to traverse the authentication state machine until sending a response to a last information request in the sequence of information requests, wherein the sequence of responses comprise a sequence of reported values; and
- communicate the sequence of responses to the authentication server to enable authenticating the security device by the authentication server by uniquely identifying the security device based on comparison in the authentication server of the sequence of reported values with a sequence of expected values.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22
23. An authentication server, comprising:
one or more circuits configured to:
- receive an authentication request sent by a security device;
- generate, in response to the authentication request, a sequence of information requests comprising a plurality of information requests;
- for each request in the plurality of requests:
- send the information request to the security device;
- receive from the security device a response that is generated in response to the information request, the response comprising a value generated based on a current state in a plurality of states of an internal authentication state machine in the security device;
- repeat said sending and said receiving for each information request in the plurality of information requests in the sequence of information requests to traverse the authentication state machine of the security device until receiving a response to a last information request in the sequence of information requests, wherein the responses received at the authentication server comprise a sequence of reported values; and
- authenticate the security device based on comparing of the sequence of reported values with a sequence of expected values used by the authentication server in uniquely identifying the security device.
Dependent claims: 24, 25, 26, 27, 28, 29, 31
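The exchange described in the abstract and the independent claims, sketched as an added example that is not code from the patent. The patent text here does not say how reported values or state transitions are computed, so the HMAC-SHA256 construction, the transition rule, the 8-state machine, the per-device key and every name below are assumptions.

```python
import hashlib
import hmac
import secrets

N_STATES = 8  # assumed size of the authentication state machine


class StateMachine:
    """Hypothetical device-side state machine keyed with a per-device secret."""

    def __init__(self, key: bytes, start: int = 0):
        self.key, self.state = key, start

    def respond(self, request: bytes) -> bytes:
        # Reported value depends on the current state and the request (assumed: HMAC).
        value = hmac.new(self.key, bytes([self.state]) + request, hashlib.sha256).digest()
        # Assumed transition rule: the next state is derived from the value just computed.
        self.state = value[0] % N_STATES
        return value[:16]


def new_requests(count: int = 4) -> list[bytes]:
    """Server side: a fresh, random sequence of information requests."""
    return [secrets.token_bytes(8) for _ in range(count)]


def run_device(device: StateMachine, requests: list[bytes]) -> list[bytes]:
    """Device side: answer each request in order, traversing the state machine."""
    return [device.respond(r) for r in requests]


def authenticate(enrolled_key: bytes, requests: list[bytes], reported: list[bytes]) -> bool:
    """Server side: replay the enrolled model and compare expected with reported values."""
    expected = run_device(StateMachine(enrolled_key), requests)
    return len(reported) == len(expected) and all(
        hmac.compare_digest(e, r) for e, r in zip(expected, reported))


def demo() -> dict[str, bool]:
    key = bytes(range(32))  # constructed sample key, not a real secret
    requests = new_requests()
    genuine = run_device(StateMachine(key), requests)
    return {
        "genuine": authenticate(key, requests, genuine),
        "wrong_key": authenticate(key, requests, run_device(StateMachine(b"\x00" * 32), requests)),
        "replayed": authenticate(key, new_requests(), genuine),
        "reordered": authenticate(key, requests, genuine[::-1]),
    }
```

Because each value depends on the state reached by the previous responses, a recorded sequence fails against a fresh set of requests, and the same values presented out of order fail as well.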
Specification