Methods and systems for device authentication
Abstract
A method for authenticating communications may include registering the first device by receiving a device public key and a repository public key that are specific to the second device. The method may also include authenticating a communication from the first device by receiving the communication, a first digital signature generated by the first device using a device private key, and a second digital signature generated by the secure repository using a repository private key. The second digital signature may be generated by the secure repository only after the first device is authenticated by the secure repository. The method may further include authenticating the first digital signature using the device public key, authenticating the second digital signature using the repository public key, and authenticating the communication based on authenticating the first digital signature and authenticating the second digital signature.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method for authenticating communications from a first device with a second device through a network, the method comprising:
registering the first device with the second device by:
receiving, at the second device and from the first device, a device public key that is specific to the second device; and
receiving, at the second device and originating from a secure repository, a repository public key that is specific to the second device; and
after registering the first device with the second device, authenticating a communication from the first device by:
receiving, at the second device and from the first device, the communication;
receiving, at the second device and from the first device, a first digital signature, wherein the first digital signature is generated by the first device using a device private key corresponding to the device public key;
receiving, at the second device and originating from the secure repository, a second digital signature, wherein:
the second digital signature is generated by the secure repository using a repository private key corresponding to the repository public key; and
the second digital signature is generated by the secure repository only after the first device is authenticated by the secure repository;
authenticating, by the second device, the first digital signature using the device public key;
authenticating, by the second device, the second digital signature using the repository public key; and
authenticating, by the second device, the communication based on authenticating the first digital signature and authenticating the second digital signature.
2 . The method of claim 1 , wherein the second device comprises a server.
3 . The method of claim 1 , wherein the first device comprises a device located at a user's home.
4 . The method of claim 1 , wherein the communication and the first digital signature are received from the first device in a same transmission.
5 . The method of claim 1 , wherein the first digital signature comprises the communication signed by the device private key.
6 . The method of claim 1 , wherein the secure repository stores encrypted information in a user account, wherein the secure repository cannot decrypt the encrypted information.
7 . The method of claim 1 , wherein the first device, the second device, and the secure repository are all operated by different entities.
8 . A system comprising:
one or more processors; and one or more memory devices comprising instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising:
registering a first device by:
receiving, from the first device, a device public key that is specific to the second device; and
receiving, originating from a secure repository, a repository public key that is specific to the second device; and
after registering the first device, authenticating a communication from the first device by:
receiving, from the first device, the communication;
receiving, from the first device, a first digital signature, wherein the first digital signature is generated by the first device using a device private key corresponding to the device public key;
receiving, originating from the secure repository, a second digital signature, wherein:
the second digital signature is generated by the secure repository using a repository private key corresponding to the repository public key; and
the second digital signature is generated by the secure repository only after the first device is authenticated by the secure repository;
authenticating the first digital signature using the device public key;
authenticating the second digital signature using the repository public key; and
authenticating the communication based on authenticating the first digital signature and authenticating the second digital signature.
9 . The system of claim 8 , wherein the system comprises a server.
10 . The system of claim 8 , wherein the first device comprises a device located at a user's home.
11 . The system of claim 8 , wherein the communication and the first digital signature are received from the first device in a same transmission.
12 . The system of claim 8 , wherein the first digital signature comprises the communication signed by the device private key.
13 . The system of claim 8 , wherein the secure repository stores encrypted information in a user account, wherein the secure repository cannot decrypt the encrypted information.
14 . The system of claim 8 , wherein the first device, the system, and the secure repository are all operated by different entities.
15 . A non-transitory computer-readable medium comprising instructions that, when executed by one or more processors, cause the one or more processors to perform operations comprising:
registering the first device with the second device by:
receiving, at the second device and from the first device, a device public key that is specific to the second device; and
receiving, at the second device and originating from a secure repository, a repository public key that is specific to the second device; and
after registering the first device with the second device, authenticating a communication from the first device by:
receiving, at the second device and from the first device, the communication;
receiving, at the second device and from the first device, a first digital signature, wherein the first digital signature is generated by the first device using a device private key corresponding to the device public key;
receiving, at the second device and originating from the secure repository, a second digital signature, wherein:
the second digital signature is generated by the secure repository using a repository private key corresponding to the repository public key; and
the second digital signature is generated by the secure repository only after the first device is authenticated by the secure repository;
authenticating, by the second device, the first digital signature using the device public key;
authenticating, by the second device, the second digital signature using the repository public key; and
authenticating, by the second device, the communication based on authenticating the first digital signature and authenticating the second digital signature.
16 . The non-transitory computer readable medium of claim 15 , wherein the first device comprises a device located at a user's home.
17 . The non-transitory computer readable medium of claim 15 , wherein the communication and the first digital signature are received from the first device in a same transmission.
18 . The non-transitory computer readable medium of claim 15 , wherein the first digital signature comprises the communication signed by the device private key.
19 . The non-transitory computer readable medium of claim 15 , wherein the secure repository stores encrypted information in a user account, wherein the secure repository cannot decrypt the encrypted information.
20 . The non-transitory computer readable medium of claim 15 , wherein the first device, the system, and the secure repository are all operated by different entities.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.