发明名称 Authentication with massively pre-generated one-time passwords
摘要 Embodiments of the invention provide systems and methods for the storage of One-Time Passwords (OTPs) on a device (principal) that needs to authenticate from time to time. It utilizes recent availability of data storage capacity not previously exploited in this arena. Also disclosed is the means to initialize and modify the system (all principals) in a secure manner, and the means to store the OTP production means on a device in a secure manner, even if the device has no built-in protected storage.
申请公布号 US8931069(B2) 申请公布日期 2015.01.06
申请号 US201113043860 申请日期 2011.03.09
申请人 CA, Inc. 发明人 Hird Geoffrey
分类号 G06F7/04;G06F15/16;G06F17/30;H04L29/06 主分类号 G06F7/04
代理机构 Vierra Magen Marcus LLP 代理人 Vierra Magen Marcus LLP
主权项 1. A system for utilizing pre-generated one-time passwords, the system comprising: a password server executing one or more applications which cause the password server to generate a list of One-Time Passwords (OTPs) comprising multiple OTPs and package the list of OTPs for delivery; and a client device, the client device comprising a processor and a memory, wherein the password server downloads the list of OTPs to the client device in response to a request, and wherein the client device saves the downloaded list of OTPs to the memory of the client device for use in accessing a resource requiring authentication, wherein the client device comprises a client application stored in the memory of the client device, and the client application, when executed by the processor, causes the processor to select one of the OTPs from the list of OTPs in the memory of the client device for use in accessing the resource requiring authentication, the client application causes the processor to access user input being a trial PIN and a counter, the counter having a unique value for each OTP on the list of OTPs, the client application causes the processor to combine the trial PIN and the counter as an input seed to a mask generation function, the processor uses an output of the mask generation function to unmask the selected OTP that corresponds to the counter, the unmasking provides a plausible candidate OTP for every trial PIN that is input and provides a correct OTP when the trial PIN matches a user PIN that was used to mask the list of OTPs.
地址 New York NY US
您可能感兴趣的专利