专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明授权

US5661807A Authentication system using one-time passwords 失效
标题翻译：验证系统使用一次性密码
公开(公告)号：US5661807A
公开(公告)日：1997-08-26
申请号：US516889
申请日：1995-08-18
申请人： Richard Henry Guski , Raymond Craig Larson , Stephen Michael Matyas, Jr. , Donald Byron Johnson , Don Coppersmith
发明人： Richard Henry Guski , Raymond Craig Larson , Stephen Michael Matyas, Jr. , Donald Byron Johnson , Don Coppersmith
IPC分类号： G09C1/00 , G06F1/00 , G06F21/00 , H04L9/32 , H04L12/22 , H04L29/06 , H04L9/00
CPC分类号： H04L63/0838 , G06F21/31 , H04L12/22 , H04L63/0846 , H04L9/0822 , H04L9/088 , H04L9/0894 , H04L9/3228 , H04L2209/20
摘要： A system for authenticating a user located at a requesting node to a resource such as a host application located at an authenticating node using one-time passwords that change pseudorandomly with each request for authentication. At the requesting node a non-time-dependent value is generated from nonsecret information identifying the user and the host application, using a secret encryption key shared with the authenticating node. The non-time-dependent value is combined with a time-dependent value to generate a composite value that is encrypted to produce an authentication parameter. The authentication parameter is reversibly transformed into an alphanumeric character string that is transmitted as a one-time password to the authenticating node. At the authenticating node the received password is transformed back into the corresponding authentication parameter, which is decrypted to regenerate the composite value. The non-time-dependent value is replicated at the authenticating node using the same nonsecret information and encryption key shared with the requesting node. The locally generated non-time-dependent value is combined with the regenerated composite value to regenerate the time-dependent value. The user is authenticated if the regenerated time-dependent value is within a predetermined range of a time-dependent value that is locally generated at the authenticating node.
摘要翻译：一种用于将位于请求节点处的用户的身份认证给诸如位于认证节点的主机应用的资源的系统，该系统使用与每个认证请求伪随机地改变的一次性密码。在请求节点，使用与认证节点共享的秘密加密密钥，从识别用户和主机应用的非秘密信息生成非时间依赖值。将非时间依赖值与时间相关的值组合以生成被加密以产生认证参数的复合值。验证参数可逆地转换成以一次性密码的形式发送给认证节点的字母数字字符串。在认证节点，将接收到的密码转换回相应的认证参数，对其进行解密，以重新生成复合值。使用与请求节点共享的相同的非秘密信息和加密密钥在认证节点上复制非时间依赖值。将本地生成的非时间依赖值与再生的复合值组合以再生时间依赖值。如果再生的时间依赖值在认证节点处本地生成的与时间有关的值的预定范围内，则认证用户。

IPRDB

热门服务

关于我们

友情链接

联系方式