专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2012142354A1 REMOTE AUTHENTICATION AND TRANSACTION SIGNATURES 审中-公开
标题翻译：远程认证和交易签名
公开(公告)号：WO2012142354A1
公开(公告)日：2012-10-18
申请号：PCT/US2012/033432
申请日：2012-04-13
申请人： VASCO DATA SECURITY, INC. , VASCO DATA SECURITY INTERNATIONAL GMBH , COULIER, Frank , HOORNAERT, Frank , MENNES, Frederik
发明人： COULIER, Frank , HOORNAERT, Frank , MENNES, Frederik
IPC分类号： H04L9/32 , G06Q20/34
CPC分类号： H04L9/3228 , G06F21/31 , G06F21/34 , G06Q20/3823 , G06Q20/388 , H04L9/006 , H04L9/3242 , H04L9/3263 , H04L9/3271 , H04L2209/805
摘要： The invention provides a method, apparatus, computer readable medium and signal which allows the usage of devices containing PKI private keys such as PKI-enabled smart cards or USB sticks to authenticate users and to sign transactions. The authenticity of the user and/or the message is verified. Furthermore the operation (authentication and/or signing) occurs without the need for an application to have some kind of a direct or indirect digital connection with the device containing the private key. In addition the operation occurs without the need for the PKI-enabled device containing the private key (e.g. a PKI smart card or USB stick) to either support symmetric cryptographic operations or to have been personalized with some secret or confidential data element that can be read by a suitable reader.
摘要翻译：本发明提供一种方法，装置，计算机可读介质和信号，其允许使用包含PKI私钥（例如启用PKI的智能卡或USB棒）的设备来认证用户和签署交易。验证用户的真实性和/或消息。此外，操作（认证和/或签名）发生而不需要应用程序与包含私钥的设备进行某种直接或间接的数字连接。此外，不需要启用包含私钥（例如PKI智能卡或USB棒）的启用PKI的设备来支持对称密码操作，也可以使用可读取的一些秘密或机密数据元素进行个性化操作由合适的读者。

2. 发明申请

WO2009025905A2 REMOTE AUTHENTICATION AND TRANSACTION SIGNATURES 审中-公开
标题翻译：远程认证和交易签名
公开(公告)号：WO2009025905A2
公开(公告)日：2009-02-26
申请号：PCT/US2008/065216
申请日：2008-05-30
申请人： VASCO DATA SECURITY, INC. , VASCO DATA SECURITY INTERNATIONAL GMBH , COULIER, Frank , HOORNAERT, Frank
发明人： COULIER, Frank , HOORNAERT, Frank
IPC分类号： H04L9/00
CPC分类号： G06F21/34 , G06F21/31 , G06F21/33 , G06F2221/2103 , G06Q20/3823 , G06Q20/388 , H04L9/006 , H04L9/3228 , H04L9/3242 , H04L9/3271 , H04L63/067 , H04L2209/56
摘要： The invention provides a method, apparatus, computer readable medium and signal which allows the usage of devices containing PKl private keys such as PKI- enabled smart cards or USB sticks to authenticate users and to sign transactions. The authenticity of the user and/or the message is verified. Furthermore the operation (authentication and/or signing) occurs without the need for an application to have some kind of a direct or indirect digital connection with the device containing the private key. In other words a digital connection that would allow an application to submit data to the card for signing by the card's private key and that would allow retrieving the entire resulting signature from the card is not required. In addition the operation occurs without the need for the PKI-enabled device containing the private key (e.g. a PKI smart card or USB stick) to either support symmetric cryptographic operations or to have been personalized with some secret or confidential data element that can be read by a suitable reader.
摘要翻译：本发明提供了一种方法，设备，计算机可读介质和信号，其允许使用包含PKI私钥的设备（例如启用PKI的智能卡或USB棒）来认证用户并对交易进行签名。用户和/或消息的真实性得到验证。此外，操作（认证和/或签名）不需要应用程序与包含私钥的设备进行某种直接或间接的数字连接。换句话说，允许应用程序向卡提交数据以供卡的私钥签名并且允许从卡中检索整个签名的数字连接不是必需的。此外，该操作不需要包含私钥的PKI设备（例如PKI智能卡或USB棒）就可以支持对称加密操作，或者通过一些可以读取的秘密或机密数据元素进行个性化由适当的读者。

3. 发明申请

WO2011050332A1 STRONG AUTHENTICATION TOKEN USABLE WITH A PLURALITY OF INDEPENDENT APPLICATION PROVIDERS 审中-公开
标题翻译：丰富的独立应用提供商可以使用强大的认证
公开(公告)号：WO2011050332A1
公开(公告)日：2011-04-28
申请号：PCT/US2010/053862
申请日：2010-10-22
申请人： VASCO DATA SECURITY, INC. , VASCO DATA SECURITY INTERNATIONAL GMBH , GRANGE, Benoit , MARIEN, Dirk , HOORNAERT, Frank
发明人： GRANGE, Benoit , MARIEN, Dirk , HOORNAERT, Frank
IPC分类号： H04L29/06
CPC分类号： H04L9/16 , H04L9/0897 , H04L9/3234 , H04L2209/56 , H04L2209/80
摘要： The present invention defines a strong authentication token for generating different dynamic credentials for different application providers comprising an input interface providing an output representing an application provider indicator; a secret key storage for storing one or more secret keys; a variability source for providing a dynamic variable value; a key providing agent for providing an application provider specific key as a function of said application provider indicator using one or more keys stored in said secret key storage; a cryptographic agent for cryptographically combining said application provider specific key with said dynamic variable value using symmetric cryptography; a transformation agent coupled to said cryptographic agent for transforming an output of said cryptographic agent to produce a dynamic credential; and an output interface to output said dynamic credential.
摘要翻译：本发明定义了用于为不同应用提供者生成不同动态证书的强认证令牌，其包括提供表示应用提供商指示符的输出的输入接口; 用于存储一个或多个秘密密钥的秘密密钥存储器; 用于提供动态变量值的变异性源; 密钥提供代理，用于使用存储在所述秘密密钥存储器中的一个或多个密钥来提供作为所述应用提供商指示符的功能的应用提供者特定密钥; 用于使用对称密码术将所述应用提供者特定密钥与所述动态变量值密码地组合的加密代理; 耦合到所述加密代理的转换代理，用于变换所述密码代理的输出以产生动态证书; 以及用于输出所述动态凭证的输出接口。

4. 发明申请

WO2012116312A1 METHOD AND APPARATUS FOR ENCODING AND DECODING DATA TRANSMITTED TO AN AUTHENTICATION TOKEN 审中-公开
标题翻译：用于编码和解码发送给认证机构的数据的方法和装置
公开(公告)号：WO2012116312A1
公开(公告)日：2012-08-30
申请号：PCT/US2012/026588
申请日：2012-02-24
申请人： VASCO DATA SECURITY, INC. , VASCO DATA SECURITY INTERNATIONAL GMBH , HOORNAERT, Frank , MARIEN, Dirk
发明人： HOORNAERT, Frank , MARIEN, Dirk
IPC分类号： G06F21/20
CPC分类号： G06F21/34 , G06F2221/2103 , G06F2221/2153
摘要： Methods and apparatus for encoding and decoding data transmitted acoustically and/or optically to strong authentication tokens to generate dynamic security values are disclosed. The tokens may also include a selection mechanism to select either an acoustical or an optical input interface to receive data. A communication interface may be provided to communicate with a removable security device such as a smart card and the token may be adapted to generate dynamic security values in cooperation with the removable security device.
摘要翻译：公开了用于编码和解码声学和/或光学地传送到强认证令牌以产生动态安全性值的数据的方法和装置。令牌还可以包括选择机制以选择声学或光学输入接口来接收数据。可以提供通信接口以与例如智能卡的可移除安全设备通信，并且令牌可以适于与可移除安全设备协作生成动态安全值。

5. 发明申请

WO2010030973A1 METHOD FOR POST-MANUFACTURING DATA TRANSFER TO AND FROM A SEALED DEVICE 审中-公开
标题翻译：用于后期制造数据传输到密封设备的方法
公开(公告)号：WO2010030973A1
公开(公告)日：2010-03-18
申请号：PCT/US2009/056794
申请日：2009-09-14
申请人： VASCO DATA SECURITY, INC. , VASCO DATA SECURITY INTERNATIONAL GMBH , COUCK, Guy, Louis , HOORNAERT, Frank
发明人： COUCK, Guy, Louis , HOORNAERT, Frank
IPC分类号： G06F7/00
CPC分类号： G06K19/07 , G06F21/86 , G06K19/07707 , G06K19/07716 , G06K2017/0041 , Y10T29/49117
摘要： The present invention is directed towards authentication tokens that are completely embedded in a non-conductive enclosure. The invention is based on the insight that it would be advantageous to separate the electronic data personalization of such tokens from the visual device personalization. The present application concerns an authentication token that allows communication with an external unit after the production of the nonconductive enclosure, in order to transmit or receive device identification data. As this communication need only take place during the manufacturing process, a low-power close-range transmission technique such as inductive coupling, capacitive coupling, or RFID communication suffices for this purpose. Accordingly, the present application discloses a method for manufacturing authentication tokens, and a token manufactured according to said method.
摘要翻译：本发明针对完全嵌入非导电外壳中的认证令牌。本发明基于以下认识：将这种令牌的电子数据个性化与视觉设备个性化分开将是有利的。本申请涉及在生产不导电外壳之后允许与外部单元通信的认证令牌，以便发送或接收设备标识数据。由于该通信仅需要在制造过程中进行，所以为了这个目的，诸如电感耦合，电容耦合或RFID通信的低功率近距离传输技术就足够了。因此，本申请公开了一种用于制造认证令牌的方法，以及根据所述方法制造的令牌。

6. 发明申请

WO2009145964A1 A STRONG AUTHENTICATION TOKEN GENERATING ONE-TIME PASSWORDS AND SIGNATURES UPON SERVER CREDENTIAL VERIFICATION 审中-公开
标题翻译：强大的认证在服务器认证验证后生成一次性密码和签名
公开(公告)号：WO2009145964A1
公开(公告)日：2009-12-03
申请号：PCT/US2009/036794
申请日：2009-03-11
申请人： VASCO DATA SECURITY, INC. , VASCO DATA SECURITY INTERNATIONAL GMBH , MENNES, Frederik , HOORNAERT, Frank
发明人： MENNES, Frederik , HOORNAERT, Frank
IPC分类号： G06Q20/00
CPC分类号： G06F21/34 , G06F21/33 , G06F2221/2103 , G06F2221/2151 , H04L9/3228 , H04L9/3234 , H04L9/3247 , H04L9/3273 , H04L63/0838 , H04L63/0853 , H04L2209/56
摘要： The invention defines a strong authentication token that remedies a vulnerability to a certain type of social engineering attacks, by authenticating the server or messages purporting to come from the server prior to generating a one-time password or transaction signature; and, in the case of the generation of a transaction signature, signing not only transaction values but also transaction context information and, prior to generating said transaction signature, presenting said transaction values and transaction context information to the user for the user to review and approve using trustworthy output and input means. It furthermore offers this authentication and review functionality without sacrificing user convenience or cost efficiency, by judiciously coding the transaction data to be signed, thus reducing the transmission size of information that has to be exchanged over the token's trustworthy interfaces.
摘要翻译：本发明通过在生成一次性密码或交易签名之前通过认证服务器或来自服务器的消息来定义补救某种类型的社会工程攻击的脆弱性的强认证令牌; 并且在生成交易签名的情况下，不仅签署交易值而且签署交易上下文信息，并且在生成所述交易签名之前向用户呈现所述交易值和交易上下文信息以供用户审查和批准使用可靠的输出和输入方式。它还提供了这种认证和审查功能，而不会牺牲用户便利性或成本效率，通过明智地编码要签名的事务数据，从而减少必须通过令牌的可信接口进行交换的信息的传输大小。

7. 发明申请

WO2009097260A1 TWO-FACTOR USE AUTHENTICATION TOKEN 审中-公开
标题翻译：双因素使用认证TOKEN
公开(公告)号：WO2009097260A1
公开(公告)日：2009-08-06
申请号：PCT/US2009/032098
申请日：2009-01-27
申请人： VASCO DATA SECURITY, INC. , VASCO DATA SECURITY INTERNATIONAL GMBH , NOE, Frederick , HOORNAERT, Frank , FORT, Nicolas , MARIEN, Dirk
发明人： NOE, Frederick , HOORNAERT, Frank , FORT, Nicolas , MARIEN, Dirk
IPC分类号： H04L9/00
CPC分类号： G06F21/34
摘要： A USB token advantageously mimics a human interface device such as a keyboard in interacting with a host computer, thus removing the need for pre-installation of a dedicated device driver. This is accomplished by requiring the host computer to direct the input of the attached human interface devices of the keyboard type, including the USB token, exclusively to the program interacting with the USB token, by using cryptographic algorithms based on a shared secret, which require less data to be transferred than PKI-based algorithms, and by employing an efficient encoding scheme that minimizes the time needed to exchange information with the USB token, and minimizes the probability of generating ambiguity with input that might legitimately be generated by other attached human interface devices.
摘要翻译： USB令牌有利地模拟诸如键盘的人机接口设备与主机交互，从而消除了对专用设备驱动程序的预安装的需要。这是通过要求主计算机通过使用基于共享秘密的密码算法将包括USB令牌在内的键盘类型的附接的人机接口设备的输入专用于与USB令牌交互的程序来实现的，这需要要比基于PKI的算法更少的数据传输，并且通过采用最小化与USB令牌交换信息所需的时间的有效的编码方案，并且最小化由其他附加的人机接口合法产生的输入产生歧义的概率设备。

8. 发明申请

WO2014106031A1 REMOTE AUTHENTICATION AND TRANSACTION SIGNATURES 审中-公开
标题翻译：远程认证和交易签名
公开(公告)号：WO2014106031A1
公开(公告)日：2014-07-03
申请号：PCT/US2013/077961
申请日：2013-12-27
申请人： VASCO DATA SECURITY, INC. , VASCO DATA SECURITY INTERNATIONAL GMBH
发明人： MARIËN, Dirk , COULIER, Frank , HOORNAERT, Frank , MENNES, Frederik
IPC分类号： H04L9/32
CPC分类号： H04L9/3234 , H04L9/3228
摘要： Authentication devices and methods for generating dynamic credentials are disclosed. The authentication devices include a communication interface for communicating with a security device such as a smart card. A dynamic credential such as a one-time password (OTP) or a message authentication code (MAC) may be generated by receiving from a server an encrypted initialization seed encrypted with an asymmetric encryption algorithm using a public key of a public/private key pair, submitting the encrypted initialization seed to a security device, decrypting at the security device the encrypted initialization seed with a private key of the public/private key pair, returning the decrypted initialization seed to the authentication device, deriving at the authentication device a secret credential generation key from the decrypted initialization seed, and generating the dynamic credential by combining a dynamic variable with the secret credential generation key using a symmetric cryptographic dynamic credential generation algorithm.
摘要翻译：公开了用于生成动态凭证的认证设备和方法。认证装置包括用于与智能卡等安全装置进行通信的通信接口。可以通过使用公共/私人密钥对的公开密钥从服务器接收用非对称加密算法加密的加密的初始化种子来生成诸如一次性密码（OTP）或消息认证码（MAC）的动态凭证将所述加密的初始化种子提交到安全设备，在所述安全设备处使用所述公钥/私钥对的私钥对所述加密的初始化种子进行解密，将所述解密的初始化种子返回到所述认证装置，在所述认证装置处导出秘密凭证并且通过使用对称密码动态凭证生成算法将动态变量与秘密证书生成密钥相结合来生成动态凭证。

9. 发明申请

WO2011006043A1 AUTHENTICATION TOKEN WITH INCREMENTAL KEY ESTABLISHMENT CAPABILITY 审中-公开
标题翻译：认证具有增强的主要建立能力
公开(公告)号：WO2011006043A1
公开(公告)日：2011-01-13
申请号：PCT/US2010/041486
申请日：2010-07-09
申请人： VASCO DATA SECURITY INC. , VASCO DATA SECURITY INTERNATINAL GMBH , HOORNAERT, Frank , MENNES, Frederik
发明人： HOORNAERT, Frank , MENNES, Frederik
IPC分类号： H04L9/32
CPC分类号： H04L9/16 , G06Q20/341 , G06Q20/3821 , G06Q20/3829 , G06Q20/40 , G07F7/1008 , H04L9/0897 , H04L9/3234 , H04L9/3271 , H04L2209/56
摘要： An apparatus comprising storage for a secret key, said secret key for use in the generation of cryptographic values, and a cryptographic agent for generating said cryptographic values using said secret key, selects one of a predetermined set of key transformations in an unpredictable way and applies said selected key transformation to said secret key prior to generating one of said cryptographic values A server receives and authenticates a credential generated using a transformed secret and derives the transformed secret, by generating a plurality of verification values using a set of known permitted transformations of a stored secret, determining whether said credential matches one of said plurality of verification values, and, if said credential matches one of said plurality of verification values, storing the corresponding one of said set of known permitted transformations as an updated value for said stored secret
摘要翻译：一种包括用于秘密密钥的存储装置，用于生成加密值的所述秘密密钥以及使用所述秘密密钥生成所述加密值的加密代理，以不可预知的方式选择预定密钥转换集合中的一个，并应用在生成所述密码值之一之前，所述选择的密钥转换为所述秘密密钥。服务器接收并认证使用经变换的秘密生成的证书，并且通过使用一组已知的许可转换生成多个验证值确定所述凭证是否匹配所述多个验证值中的一个，并且如果所述凭证匹配所述多个验证值中的一个，则将所述一组已知允许转换中的相应一个存储为所述存储秘密的更新值

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式