US2016261413A1PendingUtilityA1

Methods and systems for device authentication

57
Assignee: ONEID INCPriority: Jan 18, 2012Filed: May 16, 2016Published: Sep 8, 2016
Est. expiryJan 18, 2032(~5.5 yrs left)· nominal 20-yr term from priority
G06F 21/335H04L 9/30H04L 9/14H04L 63/0823H04L 9/3247H04L 63/06H04L 9/3263G06F 2221/2103G06F 21/31H04L 63/12H04L 63/0869H04L 63/08H04L 63/083
57
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method for authenticating communications may include registering the first device by receiving a device public key and a repository public key that are specific to the second device. The method may also include authenticating a communication from the first device by receiving the communication, a first digital signature generated by the first device using a device private key, and a second digital signature generated by the secure repository using a repository private key. The second digital signature may be generated by the secure repository only after the first device is authenticated by the secure repository. The method may further include authenticating the first digital signature using the device public key, authenticating the second digital signature using the repository public key, and authenticating the communication based on authenticating the first digital signature and authenticating the second digital signature.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A method for authenticating communications from a first device with a second device through a network, the method comprising:
 registering the first device with the second device by:
 receiving, at the second device and from the first device, a device public key that is specific to the second device; and 
 receiving, at the second device and originating from a secure repository, a repository public key that is specific to the second device; and 
   after registering the first device with the second device, authenticating a communication from the first device by:
 receiving, at the second device and from the first device, the communication; 
 receiving, at the second device and from the first device, a first digital signature, wherein the first digital signature is generated by the first device using a device private key corresponding to the device public key; 
 receiving, at the second device and originating from the secure repository, a second digital signature, wherein:
 the second digital signature is generated by the secure repository using a repository private key corresponding to the repository public key; and 
 the second digital signature is generated by the secure repository only after the first device is authenticated by the secure repository; 
 
 authenticating, by the second device, the first digital signature using the device public key; 
 authenticating, by the second device, the second digital signature using the repository public key; and 
 authenticating, by the second device, the communication based on authenticating the first digital signature and authenticating the second digital signature. 
   
     
     
         2 . The method of  claim 1 , wherein the second device comprises a server. 
     
     
         3 . The method of  claim 1 , wherein the first device comprises a device located at a user's home. 
     
     
         4 . The method of  claim 1 , wherein the communication and the first digital signature are received from the first device in a same transmission. 
     
     
         5 . The method of  claim 1 , wherein the first digital signature comprises the communication signed by the device private key. 
     
     
         6 . The method of  claim 1 , wherein the secure repository stores encrypted information in a user account, wherein the secure repository cannot decrypt the encrypted information. 
     
     
         7 . The method of  claim 1 , wherein the first device, the second device, and the secure repository are all operated by different entities. 
     
     
         8 . A system comprising:
 one or more processors; and   one or more memory devices comprising instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising:
 registering a first device by:
 receiving, from the first device, a device public key that is specific to the second device; and 
 receiving, originating from a secure repository, a repository public key that is specific to the second device; and 
 
 after registering the first device, authenticating a communication from the first device by:
 receiving, from the first device, the communication; 
 receiving, from the first device, a first digital signature, wherein the first digital signature is generated by the first device using a device private key corresponding to the device public key; 
 receiving, originating from the secure repository, a second digital signature, wherein:
 the second digital signature is generated by the secure repository using a repository private key corresponding to the repository public key; and 
 the second digital signature is generated by the secure repository only after the first device is authenticated by the secure repository; 
 
 authenticating the first digital signature using the device public key; 
 authenticating the second digital signature using the repository public key; and 
 authenticating the communication based on authenticating the first digital signature and authenticating the second digital signature. 
 
   
     
     
         9 . The system of  claim 8 , wherein the system comprises a server. 
     
     
         10 . The system of  claim 8 , wherein the first device comprises a device located at a user's home. 
     
     
         11 . The system of  claim 8 , wherein the communication and the first digital signature are received from the first device in a same transmission. 
     
     
         12 . The system of  claim 8 , wherein the first digital signature comprises the communication signed by the device private key. 
     
     
         13 . The system of  claim 8 , wherein the secure repository stores encrypted information in a user account, wherein the secure repository cannot decrypt the encrypted information. 
     
     
         14 . The system of  claim 8 , wherein the first device, the system, and the secure repository are all operated by different entities. 
     
     
         15 . A non-transitory computer-readable medium comprising instructions that, when executed by one or more processors, cause the one or more processors to perform operations comprising:
 registering the first device with the second device by:
 receiving, at the second device and from the first device, a device public key that is specific to the second device; and 
 receiving, at the second device and originating from a secure repository, a repository public key that is specific to the second device; and 
   after registering the first device with the second device, authenticating a communication from the first device by:
 receiving, at the second device and from the first device, the communication; 
 receiving, at the second device and from the first device, a first digital signature, wherein the first digital signature is generated by the first device using a device private key corresponding to the device public key; 
 receiving, at the second device and originating from the secure repository, a second digital signature, wherein:
 the second digital signature is generated by the secure repository using a repository private key corresponding to the repository public key; and 
 the second digital signature is generated by the secure repository only after the first device is authenticated by the secure repository; 
 
 authenticating, by the second device, the first digital signature using the device public key; 
 authenticating, by the second device, the second digital signature using the repository public key; and 
 authenticating, by the second device, the communication based on authenticating the first digital signature and authenticating the second digital signature. 
   
     
     
         16 . The non-transitory computer readable medium of  claim 15 , wherein the first device comprises a device located at a user's home. 
     
     
         17 . The non-transitory computer readable medium of  claim 15 , wherein the communication and the first digital signature are received from the first device in a same transmission. 
     
     
         18 . The non-transitory computer readable medium of  claim 15 , wherein the first digital signature comprises the communication signed by the device private key. 
     
     
         19 . The non-transitory computer readable medium of  claim 15 , wherein the secure repository stores encrypted information in a user account, wherein the secure repository cannot decrypt the encrypted information. 
     
     
         20 . The non-transitory computer readable medium of  claim 15 , wherein the first device, the system, and the secure repository are all operated by different entities.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.