Agile OTP generation

US 9,306,942 B1
Filed: 05/13/2015
Issued: 04/05/2016
Est. Priority Date: 09/30/2010
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method for provisioning an OTP generator, the method comprising:

selecting one or more variance techniques from a set of variance techniques, wherein the variance technique is given by the function OTP=H(F(SKC, SKPC),InputSet), wherein the InputSet is a set comprising K and Time, wherein H is a Hash;

wherein K is a key, wherein SKC is a Symmetric Key certificate, F is a function for use in a variance technique for OTP generation, and wherein SKPC is a Symmetric Key Policy Certificate;

provisioning the OTP generator with the one or more variance techniques; and

enabling a validator to determine which authentication technique is used by the OTP generator.

View all claims

18 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system, and apparatus for agile generation of one time passcodes (OTPs) in a security environment, the security environment having a token generator comprising a token generator algorithm and a validator, the method comprising generating a OTP at the token generator according to a variance technique; wherein the variance technique is selected from a set of variance techniques, receiving the OTP at a validator, determining, at the validator, the variance technique used by the token generator to generate the OTP, and determining whether to validate the OTP based on the OTP and variance technique.

149 Citations

21 Claims

1. A computer implemented method for provisioning an OTP generator, the method comprising:
- selecting one or more variance techniques from a set of variance techniques, wherein the variance technique is given by the function OTP=H(F(SKC, SKPC),InputSet), wherein the InputSet is a set comprising K and Time, wherein H is a Hash;
  
  wherein K is a key, wherein SKC is a Symmetric Key certificate, F is a function for use in a variance technique for OTP generation, and wherein SKPC is a Symmetric Key Policy Certificate;
  
  provisioning the OTP generator with the one or more variance techniques; and
  
  enabling a validator to determine which authentication technique is used by the OTP generator.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the validator comprises an information file denoting the one or more variance technique used by the OTP generator.
  - 3. The method of claim 1, wherein the validator is enabled to decode the variance technique from an OTP generated by the OTP generator.
  - 4. The method of claim 2, wherein the information file is a certificate.
  - 5. The method of claim 1, wherein the variance technique is obtained from variances within the OTP generator.
  - 6. The method of claim 1, wherein the variance technique is obtained from an environment of the OTP generator.
  - 7. The method of claim 1, wherein multiple variance techniques are selected from the set of variance techniques.

8. A computer program product for provisioning an OTP generator, the computer program product comprising:
- a non-transitory computer-readable medium encoded with computer-executable program code for provisioning the OTP generator, the code configured to enable the execution of;
  
  selecting one or more variance techniques from a set of variance techniques, wherein the variance technique is given by the function OTP=H(F(SKC, SKPC),InputSet), wherein the InputSet is a set comprising K and Time, wherein H is a Hash;
  
  wherein K is a key, wherein SKC is a Symmetric Key certificate, F is a function for use in a variance technique for OTP generation, and wherein SKPC is a Symmetric Key Policy Certificate;
  
  provisioning the OTP generator with the one or more variance techniques; and
  
  enabling a validator to determine which authentication technique is used by the OTP generator.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer program product of claim 8, wherein the validator comprises an information file denoting the one or more variance technique used by the OTP generator.
  - 10. The computer program product of claim 8, wherein the validator is enabled to decode the variance technique from an OTP generated by the OTP generator.
  - 11. The computer program product of claim 9, wherein the information file is a certificate.
  - 12. The computer program product of claim 8, wherein the variance technique is obtained from variances within the OTP generator.
  - 13. The computer program product of claim 8, wherein the variance technique is obtained from an environment of the OTP generator.
  - 14. The method of claim 8, wherein multiple variance techniques are selected from the set of variance techniques.

15. A system for provisioning an OTP generator, the system comprising:
- a validator;
  
  computer-executable program code operating in memory, wherein the computer-executable program code is configured to enable execution of;
  
  selecting one or more variance techniques from a set of variance techniques, wherein the variance technique is given by the function OTP=H(F(SKC, SKPC),InputSet), wherein the InputSet is a set comprising K and Time, wherein H is a Hash;
  
  wherein K is a key, wherein SKC is a Symmetric Key certificate, F is a function for use in a variance technique for OTP generation, and wherein SKPC is a Symmetric Key Policy Certificate;
  
  provisioning the OTP generator with the one or more variance techniques; and
  
  enabling the validator to determine which authentication technique is used by the OTP generator.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The system of claim 15, wherein the validator comprises an information file denoting the one or more variance technique used by the OTP generator.
  - 17. The system of claim 15, wherein the validator is enabled to decode the variance technique from an OTP generated by the OTP generator.
  - 18. The system of claim 16, wherein the information file is a certificate.
  - 19. The system of claim 15, wherein the variance technique is obtained from variances within the OTP generator.
  - 20. The system of claim 15, wherein the variance technique is obtained from an environment of the OTP generator.
  - 21. The method of claim 15, wherein multiple variance techniques are selected from the set of variance techniques.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RSA Security LLC (Symphony Technology Group LLC)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Bailey, Daniel Vernon, Brainard, John G, Duane, William M, O'Malley, Michael J, Philpott, Robert S
Primary Examiner(s)
Mehrmanesh, Amir

Application Number

US14/710,768
Time in Patent Office

328 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/0435   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 63/0838   using one-time-passwords

H04L 9/003   for power analysis, e.g. di...

H04L 9/3228   One-time or temporary data,...

H04L 9/3234   involving additional secure...

Agile OTP generation

First Claim

18 Assignments

0 Petitions

Accused Products

Abstract

149 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Agile OTP generation

First Claim

18 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

149 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links