logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 8966276 B1

PDFFull Text
Date of Patent:
Feb. 24, 2015

Filed:

Sep. 10, 2004

System and method providing disconnected authentication

Applicants:

Andrew Nanopoulos, Wakefield, MA (US);

Karl Ackerman, Boston, MA (US);

Piers Bowness, Westford, MA (US);

William Duane, Westford, MA (US);

Markus Jakobsson, Bloomington, IN (US);

Burt Kaliski, Wellesley, MA (US);

Dmitri Pal, Framingham, MA (US);

Shane D. Rice, Boston, MA (US);

Ronald L. Rivest, Arlington, MA (US);

Inventors:

Andrew Nanopoulos, Wakefield, MA (US);

Karl Ackerman, Boston, MA (US);

Piers Bowness, Westford, MA (US);

William Duane, Westford, MA (US);

Markus Jakobsson, Bloomington, IN (US);

Burt Kaliski, Wellesley, MA (US);

Dmitri Pal, Framingham, MA (US);

Shane D. Rice, Boston, MA (US);

Ronald L. Rivest, Arlington, MA (US);

Assignee:

EMC Corporation, Hopkinton, MA (US);

Attorney:

Daly, Crowley, Mofford & Durkee, LLP

Primary Examiner:

Harunur Rashid

Int. Cl.
CPC ...
G06F 21/00 (2013.01); H04L 29/06 (2006.01); G06F 21/31 (2013.01); G06F 21/34 (2013.01); H04L 9/32 (2006.01); H04L 9/00 (2006.01);
U.S. Cl.
CPC ...
H04L 63/0838 (2013.01); G06F 21/31 (2013.01); G06F 21/34 (2013.01); H04L 9/3271 (2013.01); H04L 63/0853 (2013.01); H04L 9/002 (2013.01); H04L 9/3228 (2013.01); H04L 9/3234 (2013.01); H04L 9/3236 (2013.01); G06F 2221/2103 (2013.01); H04L 2209/38 (2013.01); H04L 2209/80 (2013.01);
Abstract

In a system for disconnected authentication, verification records corresponding to given authentication token outputs over a predetermined period of time, sequence of events, and/or set of challenges are downloaded to a verifier. The records include encrypted or hashed information for the given authentication token outputs. In one embodiment using time intervals, for each time interval, token output data, a salt value, and a pepper value, are hashed and compared with the verification record for the time interval. After a successful comparison, a user can access the computer. A PIN value can also be provided as an input the hash function. A portion of the hash function output can be used as a key to decrypt an encrypted (Windows) password, or other sensitive information.

Find Patent Forward Citations

Loading…