Providing a user device with a set of a access codes
Abstract
A method for providing a user device with a set of access codes comprises, in the user device, storing an encryption key and an identification code, and sending a message containing the identification code to a server via a communications network. In the server, an encryption key is stored corresponding to the key stored in the user device, allocating the set of access codes on receipt of the identification code from the user device. A look up function is performed based on the identification code received in the message to retrieve the key from storage. The set of access codes is encrypted using the retrieved key to produce an encrypted set. A message containing the encrypted set is sent to the user device via the network. In the user device, the encrypted set received from the server is decrypted using the key in storage, and storing the decrypted set of access codes for use by a user of the user device.
Claims
exact text as granted — not AI-modified1 . A method for providing a user device with a set of access codes, the method comprising:
in the user device, storing an encryption key and an identification code, and sending a message containing the identification code to a server via a communications network; in the server, storing an encryption key corresponding to the key stored in the user device, allocating the set of access codes on receipt of the identification code from the user device, performing a look up function based on the identification code received in the message to retrieve the key from storage, encrypting the set of access codes using the retrieved key to produce an encrypted set, and sending a message containing the encrypted set to the user device via the network; and, in the user device, decrypting the encrypted set received from the server using the key in storage, and storing the decrypted set of access codes for use by a user of the user device; and, upon the number of unused access codes reaching a predetermined threshold, in the server, sending a message containing a new set of access codes to the user device via the network; and, in the user device, storing the new set for use by a user of the user device.
2 . A method as claimed in claim 1 , further comprising:
in the user device, tracking the access codes used by the user, generating a request in response to the number of unused access codes reaching a predetermined threshold, and sending a message containing the request to the server; and, in the server, sending the message containing the new set of access codes on receipt of the request.
3 . A method as claimed in claim 1 , further comprising: in the server, tracking the access codes used by the user, and sending the message containing the new set of access codes to the user device in response to the number of unused access codes reaching a predetermined threshold.
4 . A method as claimed in claim 1 , further comprising:
in the server, generating a new key, encrypting the new key with the previous key, and sending a message containing the encrypted new key to the user device via the network; and, in the user device, decrypting the new key received from the server using the previous key, and storing the decrypted new key in place of the previous key.
5 . A method as claimed in claim 4 , further comprising:
in the server, encrypting a new set of access codes with the new key to produce a new key encrypted set, and sending a message containing the new key encrypted set to the user device via the network; and, in the user device, decrypting the new key encrypted set using the new key, and storing the decrypted new set for use by a user of the user device.
6 . A method as claimed in claim 1 , further comprising:
in the user device, generating a public/private key pair, and sending a message containing the public key of the pair to the server via the network; in the server, generating a session key, encrypting the set of access codes with the session key to produce a session key encrypted set, encrypting the session key with the public key to produce an encrypted session key, sending a message containing the session key encrypted set and the encrypted session key to the user device via the network; and, in the user device, decrypting the encrypted session key with the private key of the pair to recover the session key, decrypting the session key encrypted set with the recovered session key to recover the set, and storing the decrypted set for use by a user of the user device.
7 . A method for providing a user device with a set of access codes, the method comprising, in the user device:
storing an encryption key and an identification code; sending a message containing the identification code to a server via a communications network; receiving from the server a message containing the set of access codes encrypted with the key; decrypting the received set of access codes using the key in storage; and, storing the decrypted set of access codes for use by a user of the user device. upon the number of unused access codes reaching a predetermined threshold, receiving from the server a message containing a new set of access codes; and, in the user device, storing the new set for use by a user of the user device.
8 . A method as claimed in claim 7 , further comprising: in the user device, tracking the access codes used by the user, generating a request in response to the number of unused access codes reaching a predetermined threshold, and sending a message containing the request to the server.
9 . A method as claimed in claim 7 , further comprising, in the user device:
decrypting a new key received from the server using the previous key; and, storing the decrypted new key in place of the previous key.
10 . A method as claimed in claim 9 , further comprising, in the user device:
receiving from the server a message containing a new key encrypted set of access codes via the network; decrypting the new key encrypted set using the new key; and, storing the decrypted new set for use by a user of the user device.
11 . A method as claimed in claim 7 , comprising, in the user device:
generating a public/private key pair; sending a message containing the public key of the pair to the server via the network; receiving a message containing a session key encrypted set of access codes and a public key encrypted session key from the server via the network; decrypting the public key encrypted session key with the private key of the pair to recover a session key encrypted set and a corresponding session key; decrypting the session key encrypted set with the recovered session key to recover the set; and, storing the decrypted set for use by a user of the user device.
12 . A computer program element comprising computer program code mean when loaded in a processor of a user device, configures the processor to perform a method as claimed in claim 7 .
13 . A method for providing a user device with a set of access codes, the method comprising, in a server for communicating with the user device via a network:
storing an encryption key corresponding to an encryption key stored in the user device; allocating the set of access codes to the user device on receipt of a message containing an identification code from the user device via the network; performing a look up function based on the identification code received in the message to retrieve the key from storage; encrypting the set of access codes using the retrieved key to produce an encrypted set; and, sending a message containing the encrypted set to the user device via the network; and, upon the number of unused access codes reaching a predetermined threshold, sending a message containing a new set of access codes to the user device via the network.
14 . A method as claimed in claim 13 , further comprising, in the server:
generating a new key, encrypting the new key with the previous key; and, sending a message containing the encrypted new key to the user device via the network.
15 . A method as claimed in claim 14 , further comprising, in the server:
encrypting the new set of access codes with the new key to produce a new key encrypted set of access codes.
16 . A method as claimed in claim 13 , further comprising, in the server:
receiving a message containing a public key of a public/private key pair from the user device; generating a session key; encrypting the set of access codes with the session key to produce a session key encrypted set; encrypting the session key with the public key to produce a public key encrypted session key; and, sending a message containing the session key encrypted set and the public key encrypted session key to the user device via the network.
17 . A computer program element comprising computer program code means when loaded in a processor of a server computer system, configures the processor to perform a method as claimed in claim 13 .
18 . A method as claimed claim 1 , further comprising a limitation taken from a group of limitations consisting of:
wherein the access codes are one time authentication codes; wherein the network comprises a wireless communication network; wherein the user device comprises one of a mobile phone, a personal digital assistant, and a smart card; and wherein the messages are SMS messages.
19 - 21 . (canceled)
22 . An apparatus for providing a user with a set of access codes, the apparatus comprising: a user device; and, server for communicating with the user device via a communications network; the user device comprising
means for storing an encryption key and an identification code, and means for sending a message containing the identification code to the server via the network; the server comprising means for storing an encryption key corresponding to the key stored in the user device, means for allocating the set of access codes on receipt of the identification code from the user device, means for performing a look up function based on the identification code received in the message to retrieve the key from storage, means for encrypting the set of access codes using the retrieved key to produce an encrypted set, and means for sending a message containing the encrypted set to the user device via the network and for sending upon the number of unused access codes reaching a predetermined threshold, a message containing a new set of access codes to the user device via the network; and, in the user device, storing the new set for use by a user of the user device. and, the user device further comprising: means for decrypting the encrypted set received from the server using the key stored in the user device, and means for storing the decrypted set of access codes for use by the user.
23 . Apparatus as claimed in claim 22 , wherein the server further comprises
means for generating a new key, means for encrypting the new key with the previous key, and means for sending a message containing the encrypted new key to the user device via the network, and wherein the user device further comprises means for decrypting the new key received from the server using the previous key, and means for storing the decrypted new key in place of the previous key.
24 . Apparatus as claimed in claim 23 , wherein the server further comprises
means for encrypting the new set of access codes with the new key to produce a new key encrypted set; and means for sending a message containing the new key encrypted set to the user device via the network, and wherein the user device further comprises means for decrypting the new key encrypted set using the new key, and means for storing the decrypted new set for use by a user of the user device.
25 . Apparatus as claimed in claim 22 , further comprising at least one element taken from a group of elements consisting of:
in the user device:
means for storing the new set for use by a user of the user device;
means for tracking the access codes used by the user,
means for generating a request in response to the number of unused access codes reaching a predetermined threshold, and
means for sending a message containing the request to the server; and
means for generating a request in response to a manual input from the user, and
means for sending a message containing the request to the server; and
in the server,
means for sending the message containing the new set of access codes on receipt of the request; and
means for sending the message containing the new set of access codes on receipt of the request.
26 . (canceled)
27 . Apparatus as claimed in claim 25 , further comprising: in the server,
means for tracking the access codes used by the user, and means for sending the message containing the new set of access codes to the user device in response to the number of unused access codes reaching a predetermined threshold.
28 . Apparatus as claimed in claim 25 , further comprising: in the user device,
means for generating a request in response to a manual input from the user, and means for sending a message containing the request to the server; and, in the server, means for sending the message containing the new set of access codes on receipt of the request.
29 . Apparatus as claimed in claim 22 , wherein the user device further comprises
means for generating a public/private key pair and means for sending a message containing the public key of the pair to the server via the network; wherein the server further comprises means for generating a session key, means for encrypting the set of access codes with the session key to produce a session key encrypted set, means for encrypting the session key with the public key to produce a public key encrypted session key, and means for sending a message containing the session key encrypted set and the public key encrypted session key to the user device via the network; and, wherein the user device further comprises means for decrypting the public key encrypted session key with the private key of the pair to recover the session key, means for decrypting the session key encrypted set with the recovered session key to recover the set, and means for storing the decrypted set for use by a user of the user device.
30 . An apparatus as claimed in claim 22 , further comprising a limitation taken from a group of limitations consisting of:
wherein the access codes are one time authentication codes, the user device comprises one of a mobile phone, a personal digital assistant, and a smart card; and wherein the messages are SMS messages.
31 - 33 . (canceled)
34 . A user device for receiving a set of access codes from a server via a communications network, the device comprising:
means for storing an encryption key and an identification code; means for sending a message containing the identification code to a server via a communications network; means for receiving from the server a message containing the set of access codes encrypted with the key; means for decrypting the received set of access codes using the key in storage; and, means for storing the decrypted set of access codes for use by a user of the user device; and means for receiving upon the number of unused access codes reaching a predetermined threshold from the server a message containing a new key encrypted set of access codes via the network.
35 . A user device as claimed in claim 34 , further comprising:
means for decrypting a new key received from the server using the previous key; and, means for storing the decrypted new key in place of the previous key.
36 . A user device as claimed in claim 35 , further comprising:
means for decrypting the new key encrypted set using the new key; and, means for storing the decrypted new set for use by a user of the user device.
37 . A user device as claimed in claim 34 , further comprising:
means for generating a public/private key pair; means for sending a message containing the public key of the pair to the server via the network; means for receiving a message containing a session key encrypted set of access codes and a public key encrypted session key from the server via the network; means for decrypting the public key encrypted session key with the private key of the pair to recover the session key; means for decrypting the session key encrypted set with the recovered session key to recover the set; and, means for storing the decrypted set for use by a user of the user device.
38 . A server for providing a user device with a set of access codes via a communications network, the server comprising:
means for storing an encryption key corresponding to an encryption key stored in the user device; means for allocating the set of access codes to the user device on receipt of a message containing an identification code from the user device via the network; means for performing a look up function based on the identification code received in the message to retrieve the key from storage; means for encrypting the set of access codes using the retrieved key to produce an encrypted set; and, means for sending a message containing the encrypted set to the user device via the network, means for sending upon the number of unused access codes reaching a predetermined threshold a message containing the new set of access codes to the user device via the network.
39 . A server as claimed in claim 38 , further comprising at least one element taken from a group of elements consisting of:
means for generating a new key, encrypting the new key with the previous key, and means for sending a message containing the encrypted new key to the user device via the network; means for encrypting the new set of access codes with the new key to produce a new key encrypted set; means for receiving a message containing a public key of a public/private key pair from the user device, means for generating a session key, means for encrypting the set of access codes with the session key to produce a session key encrypted set, means for encrypting the session key with the public key to produce a public key encrypted session key, and means for sending a message containing the session key encrypted set and the public key encrypted session key to the user device via the network.
40 - 41 . (canceled)Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.