Patent
Secure Communication Using Asymmetric Cryptography and Light-Weight Certificates
TLDR
In this article, the authors proposed a two-factor authentication protocol for authenticating the identity of an individual by generating a cipher using a light-weight certificate that has a shared secret but no other information identifying the individual.Abstract:
Encrypted communications between servers and client devices over an unsecured channel, such as the Internet, without using a public key infrastructure are disclosed. Messages to a client device are encrypted using an encryption key of an authorized individual, regardless of the identity of the user of the client device. Encryption is performed by a system that does not expose encryption keys to the client device or the server, thereby preventing man-in-the-middle attacks against the encryption key. Secure communications are combined with a two-factor protocol for authenticating the identity of an individual. An individual authenticates by generating a cipher using a light-weight certificate that has a shared secret but no other information identifying the individual. Separately, a server generates the same cipher using the shared secret, thereby authenticating the individual's identity to a relying party.read more
Citations
More filters
Patent
Advanced authentication techniques and applications
Marc Briceno,Brendon J. Wilson,Ramesh Kesanupalli,Davit Baghdasaryan,Rajiv Dholakia,William J. Blanke,Rolf Lindemann,Igor Polivanyi,Avinash Umap +8 more
TL;DR: In this paper, a system, apparatus, method, and machine readable medium are described for performing advanced authentication techniques and associated applications, and one embodiment of such a method comprises: receiving a policy identifying a set of acceptable authentication capabilities, determining a client authentication capabilities; and filtering the set of allowable authentication capabilities based on the determined set of client authentication capability to arrive at a filtered set of one or more authentication capabilities for authenticating a user.
Patent
System and method for adaptive application of authentication policies
TL;DR: In this article, a system, apparatus, method, and machine readable medium are described for adaptively implementing an authentication policy, which includes detecting a user of a client attempting to perform a current interaction with a relying party.
Patent
Securing speech recognition data
TL;DR: In this paper, the authors describe a system for reducing security vulnerabilities in a client/server speech recognition system including one or more client computers and one/more server computers connected via a network, where decryption of sensitive information is performed on designated servers to limit the attack surface of unencrypted data.
Patent
System and method for sharing keys across authenticators
TL;DR: In this paper, a system, apparatus, method, and machine readable medium are described for sharing authentication data, which comprises: generating and storing a persistent group identification code (Group-ID) for a group of authenticators sharing a common set of authorization (Uauth) keys.
Patent
Mobile banking system with cryptographic expansion device
TL;DR: In this article, a mobile banking system that uses a cryptographic expansion device attached to a communication component of a mobile device and a secure gateway device to enable end-to-end secure communications between the mobile devices and a payment processing network is disclosed.
References
More filters
Book
Handbook of Applied Cryptography
TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Patent
Method and apparatus for managing credentials through a wireless network
TL;DR: In this paper, the authors present a system and methodology for conducting financial and other transactions using a wireless device, where credentials are selectively issued by issuers such as credit card companies, banks, and merchants to consumers permitting the specific consumer to conduct a transaction according to the authorization given as reflected by the credential or set of credentials.
Patent
Apparatus and methods for providing scalable, dynamic, individualized credential services using mobile telephones
TL;DR: In this article, a mobile electronic device, such as a smartphone, that can encrypt data according to a public key infrastructure is used to authenticate an individual's identity to the device, thereby unlocking credentials that may be used in a secure transaction.
Patent
Application level security system and method
James F. Chen,Jieh-Shan Wang +1 more
TL;DR: In this paper, the authors propose a secure gateway and firewalls between the Internet and any party which desires protection by using a smart card to distribute shared secret keys between a computer which serves as the above-mentioned firewall and a client node on the Internet, using the shared private keys to establish mutual authentication between the gateway and the smart card.
Patent
System and method for authenticating users using two or more factors
William Harris,Louis Gasparini +1 more
TL;DR: In this paper, a system and method authenticates users via any two or three of 1) Something the user knows; 2)Something the user has; and 3) A physical characteristic of the user.