| 发明名称 | Passcode verification using hardware secrets | ||
| 摘要 | A hardware secret is securely maintained in a computing device. The hardware secret is used to generate a hash of a passcode that is persistently stored for later use in verification. When a passcode is received as part of an authentication attempt, the hardware secret is used to generate a reference hash of the received passcode that is then compared with the persistently stored hash to determine whether there is a match. | ||
| 申请公布号 | US9369461(B1) | 申请公布日期 | 2016.06.14 |
| 申请号 | US201414149698 | 申请日期 | 2014.01.07 |
| 申请人 | Amazon Technologies, Inc. | 发明人 | Roth Gregory Branchek;Rubin Gregory Alan;Potlapally Nachiketh Rao |
| 分类号 | H04L9/32;H04L29/06 | 主分类号 | H04L9/32 |
| 代理机构 | Davis Wright Tremaine LLP | 代理人 | Davis Wright Tremaine LLP |
| 主权项 | 1. A computer-implemented method, comprising: under the control of one or more computer systems configured with executable instructions, receiving a request to verify a passcode for an identity, the passcode required for at least one method of obtaining access to a resource;calculating a reference value based at least in part on the passcode and a hardware secret, the hardware secret comprising secret information maintained within a hardware device so as to be unobtainable without physical intrusion into the hardware device;using a probabilistic data structure that contains a plurality of obtained values each verifiable based at least in part on the hardware secret to perform a comparison of the reference value with a stored value obtained from persistent data storage, separate from the hardware device, in which the stored value is stored in association with the identity; andproviding a response to the request based at least in part on the comparison, the response being configured to enable access to the resource when the comparison indicates that the calculated reference value matches the stored value. | ||
| 地址 | Seattle WA US | ||