System and method for generating a single use password based on a challenge/response protocol
US8042155B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 29, 2006 |
| Grant date | Oct 18, 2011 |
| Priority date | — |
| Expiry date | Dec 11, 2028 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L67/1097
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system and method which generates a single use password based on a challenge/response protocol. A box manager module executing within a security appliance identifies a public key (P) and salt value (S) associated with an administrator's smart card and generates a random nonce (N). The box manager transmits a challenge comprising the following elements: <SHA1(N), BM_ID, P[N, BM_ID], S>. Upon receiving the challenge, the administration card decrypts P[N, BM_ID] using the private key contained within the card and computes SHA1(N). The administration card then compares its computed values with the received values from the box manager. If the values match, then to the administration card returns a response comprising the following elements: HMAC_N[user, SHA1 (password, S)], where HMAC_N represents the SHA1 keyed hash message authentication check of the response elements using the nonce N as the key.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.