Enforcing server authentication based on a hardware token
US10164963B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 26, 2016 |
| Grant date | Dec 25, 2018 |
| Priority date | — |
| Expiry date | Jun 7, 2036 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0442
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method may include receiving, by a hardware token from a client device, a chain of certificates including a server certificate and a first root certificate authority (CA) certificate. The method may further include determining, by the hardware token, to offload validation of one or more certificates in the chain of certificates to the client device, and verifying, by a cryptography application running in a memory of the hardware token, using a trusted root CA certificate stored in the hardware token, each certificate in the chain of certificates. The method may further include authenticating, by the hardware token and based on the verification, a public key of a server certificate, encrypting, by the cryptography application, a secret message using the authenticated public key of the server certificate to obtain an encrypted secret message, and sending, by the hardware token, the encrypted secret message to the client device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.