| 摘要 |
The present patent application discloses a USB token that advantageously mimics a human interface device such as a keyboard in interacting with a host computer, thus removing the need for pre-installation of a dedicated device driver. This is accomplished by requiring the host computer to direct the input of the attached human interface devices of the keyboard type, including the USB token, exclusively to the program interacting with the USB token, by using cryptographic algorithms based on a shared secret, which require less data to be transferred than PKI-based algorithms, and by employing an efficient encoding scheme that minimizes the time needed to exchange information with the USB token, and minimizes the probability of generating ambiguity with input that might legitimately be generated by other attached human interface devices. By using only symmetric encryption and the low-speed USB protocol, a single low-performance processor may be used, which results in a more cost-effective solution than PKI USB tokens emulating the combination of smart cards and smart card readers or USB tokens presenting themselves to the host computer as mass storage devices. The overall security is increased by adding a second authentication factor consisting of a static password entered by the user, and by limiting the number of valid token response that can be generated or retrieved in a usage session. |
