Patent · US Active

System and method providing disconnected authentication

US8966276B2 · kind B2 · utility

77Cited by

23References

59Claims

0Family size

Assignee

EMC Corporation · US

Inventors

Andrew Nanopoulos · Wakefield, US
Karl Ackerman · Topsfield, US
Piers Bowness · Westford, US
William Duane · Westford, US
Markus Jakobsson · Culver City, US
Burt Kaliski · Wellesley, US
Dmitri Pal · Chelmsford, US
Shane Rice · Westwood, US
Ronald L. Rivest · Arlington, US

Key dates

Filing date	Sep 10, 2004
Grant date	Feb 24, 2015
Priority date	—
Expiry date	Apr 29, 2030

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2209/80
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

In a system for disconnected authentication, verification records corresponding to given authentication token outputs over a predetermined period of time, sequence of events, and/or set of challenges are downloaded to a verifier. The records include encrypted or hashed information for the given authentication token outputs. In one embodiment using time intervals, for each time interval, token output data, a salt value, and a pepper value, are hashed and compared with the verification record for the time interval. After a successful comparison, a user can access the computer. A PIN value can also be provided as an input the hash function. A portion of the hash function output can be used as a key to decrypt an encrypted (Windows) password, or other sensitive information.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.