US 6,983,381 B2
Methods for pre-authentication of users using one-time passwords
Robert A. Jerdonek, Sunnyvale, Calif. (US)
Assigned to Arcot Systems, Inc., Santa Clara, Calif. (US)
Filed on Jun. 28, 2001, as Appl. No. 9/896,560.
Claims priority of provisional application 60/262875, filed on Jan. 17, 2001.
Prior Publication US 2002/0095507 A1, Jul. 18, 2002
Int. Cl. G06F 1/24 (2006.01)
U.S. Cl. 713—201
20 Claims
1. A method for communicating passwords comprises:
receiving at a server a challenge from an authentication server via a first secure communications channel, wherein the challenge includes at least a random password from the authentication server that is inactive;
communicating the challenge from the server to a client computer via a second secure communications channel, wherein the client computer receives the random password from the authentication server that is inactive;
receiving at the server a challenge response from the client computer via the second secure communications channel, wherein the challenge response includes a digital certificate and a digital data packet, wherein the digital certificate includes a public key in an encrypted form, and wherein the digital data packet is determined in the client and comprises a combination of at least a portion of the challenge and a private key corresponding to the public key; and
communicating the challenge response from the server to the authentication server via the first secure communications channel;
wherein the random password from the authentication server that is inactive is activated when the authentication server verifies the challenge response.
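The message flow in claim 1, sketched as an added example that is not taken from the patent: the authentication server issues an inactive random password inside a challenge, and activates it only after verifying the client's response. Assumptions: the claim names no signature algorithm, so a Lamport one-time signature built from SHA-256 stands in for the private-key operation (each key pair must sign only one challenge); the certificate is reduced to an enrolled public key; the encrypted public key, the relaying server and both secure channels are not modelled; all names are hypothetical.

```python
import hashlib, secrets

def H(b): return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key pair: 256 pairs of secrets; the public key is their hashes.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def _bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg):
    # Reveal one secret per digest bit; a key pair must sign one message only.
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, _bits(msg))))

class AuthServer:
    def __init__(self, enrolled_pk):
        self.enrolled_pk = enrolled_pk   # assumption: stands in for certificate validation
        self.inactive, self.active = {}, set()

    def issue_challenge(self):
        nonce, otp = secrets.token_hex(16), secrets.token_hex(8)
        self.inactive[nonce] = otp       # the password exists but cannot log in yet
        return {"nonce": nonce, "otp": otp}

    def verify_response(self, resp):
        otp = self.inactive.pop(resp.get("nonce"), None)  # each challenge is single use
        if otp is None or resp.get("cert_pk") != self.enrolled_pk:
            return False
        if not verify(resp["cert_pk"], (resp["nonce"] + otp).encode(), resp["sig"]):
            return False
        self.active.add(otp)             # activation happens only after verification
        return True

    def login(self, otp):
        if otp in self.active:
            self.active.remove(otp)      # one-time: consumed on first use
            return True
        return False

def client_respond(challenge, sk, pk):
    # The "digital data packet": challenge material combined with the private key.
    msg = (challenge["nonce"] + challenge["otp"]).encode()
    return {"nonce": challenge["nonce"], "cert_pk": pk, "sig": sign(sk, msg)}
```
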