Multi-factor authentication
| DWPI Title: Hardware device i.e. hardware token, for facilitating transactions with automated teller machine, has cryptographic fingerprint unit for using multi-factor authentication value to allow challenger to authenticate user of device |
| Abstract: Detection and deterrence of spoofing of user authentication may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a user of the hardware device. The cryptographic fingerprint unit includes an internal physically unclonable function (“PUF”) circuit disposed in or on the hardware device, which generates a PUF value. Combining logic is coupled to receive the PUF value, combines the PUF value with one or more other authentication factors to generate a multi-factor authentication value. A key generator is coupled to generate a private key and a public key based on the multi-factor authentication value while a decryptor is coupled to receive an authentication challenge posed to the hardware device and encrypted with the public key and coupled to output a response to the authentication challenge decrypted with the private key. |
| Use: Hardware device i.e. hardware token (claimed), for facilitating transactions with an automated teller machine. |
| Advantage: The method enables using unique multi-factor authentication value and a cryptographic challenge/response protocol for authenticating the user of the device to protect against spoofing of the authentication by an adversary. The method enables achieving noise reduction in noisy PUF value via application of error correction techniques to the PUF value, so that future bit errors in the PUF value can be identified and corrected to generate a reliable, consistent seed value. |
| Novelty: The device (105) has a device circuitry (130) for performing primary function of the device placed on a hardware platform (125). A cryptographic fingerprint unit (135) includes a physically unclonable function (PUF) circuit (140) placed on the platform. A combining logic is coupled to receive authentication factor and challenge the PUF circuit with the authentication factor. The logic is coupled to generate multi-factor authentication value based on a PUF value. The fingerprint unit uses the authentication value to allow a challenger (110) to authenticate the user of the device. |
| Filed: 10/20/2010 |
| Application Number: US2010908414A |
| Tech ID: SD 11763.0 |
| This invention was made with Government support under Contract No. DE-NA0003525 awarded by the United States Department of Energy/National Nuclear Security Administration. The Government has certain rights in the invention. |
| Data from Derwent World Patents Index, provided by Clarivate All rights reserved. Republication or redistribution of Clarivate content, including by framing or similar means, is prohibited without the prior written consent of Clarivate. Clarivate and its logo, as well as all other trademarks used herein are trademarks of their respective owners and used under license. |