Authentication system using one-time passwords
Patent 5661807 Issued on August 26, 1997. Estimated Expiration Date: 
August 18, 2015. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.
August 18, 2015. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.Patent ReferencesMethod and apparatus for synchronizing generation of separate, free running, time dependent equipment Method and apparatus for personal identification Method and apparatus for personal identification Method and apparatus for personal identification Patent #: 5367572 Inventors
ApplicationNo. 516889 filed on 08/18/1995US Classes:713/159, Including intelligent token340/5.26, Code rotating or scrambling380/29, NBS/DES algorithm380/37Block/data stream encipheringExaminersPrimary: Gregory, Bernarr E.Attorney, Agent or FirmInternational ClassesH04L 009/00H04L 009/32 AbstractA system for authenticating a user located at a requesting node to a resource such as a host application located at an authenticating node using one-time passwords that change pseudorandomly with each request for authentication. At the requesting node a non-time-dependent value is generated from nonsecret information identifying the user and the host application, using a secret encryption key shared with the authenticating node. The non-time-dependent value is combined with a time-dependent value to generate a composite value that is encrypted to produce an authentication parameter. The authentication parameter is reversibly transformed into an alphanumeric character string that is transmitted as a one-time password to the authenticating node. At the authenticating node the received password is transformed back into the corresponding authentication parameter, which is decrypted to regenerate the composite value. The non-time-dependent value is replicated at the authenticating node using the same nonsecret information and encryption key shared with the requesting node. The locally generated non-time-dependent value is combined with the regenerated composite value to regenerate the time-dependent value. The user is authenticated if the regenerated time-dependent value is within a predetermined range of a time-dependent value that is locally generated at the authenticating node.Other References
| |
