Authentication using random challenges
US5872917A · kind A · utility
Assignee
Inventor
Key dates
| Filing date | Oct 8, 1997 |
| Grant date | Feb 16, 1999 |
| Priority date | — |
| Expiry date | Oct 8, 2017 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2103
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method is disclosed for authenticating one or both of two parties, for example, a user and a host computer. The first party and second party each know the same password. The first party sends a challenge to the second party. The second party generates and sends to the first party a response based on a first function of the password, the first party's challenge, and an extra value unknown to the first party. The first party, which knows only the length of the extra value, then attempts to match the response by using the same function, password, and challenge by cycling through the possible values for the extra value of known format. A method of bi-directional authentication may be achieved by having the first party return to the second party a response using a different function of the password, a preferably different challenge, and the extra value. The second party already knows the input values, including the extra value, and therefore, does not incur the costs associated with learning the extra value. The identity of the first party is confirmed by matching the transmitted response with a value generated locally.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.