(12) United States Patent
Miller et al.

(10) Patent No.: US 9,294,448 B2
(45) Date of Patent: Mar. 22, 2016

(54) CRYPTOGRAPHIC SECURITY FUNCTIONS BASED ON ANTICIPATED CHANGES IN DYNAMIC MINUTIAE

(71) Applicant: mSignia, Inc., Irvine, CA (US)

(72) Inventors: Paul Timothy Miller, Irvine, CA (US); George Allen Tuvell, Thompson’s Station, TN (US)

(73) Assignee: mSignia, Inc., Irvine, CA (US)

(58) Field of Classification Search
CPC: H04L 63/0876; H04L 9/0861; H04L 9/0866
USPC: 380/255
See application file for complete search history.

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 32 days.
`
`
(21) Appl. No.: 14/458,123

(22) Filed: Aug. 12, 2014

(65) Prior Publication Data
US 2015/0033027 A1, Jan. 29, 2015

Related U.S. Application Data

(63) Continuation of application No. 13/366,197, filed on Feb. 3, 2012, now Pat. No. 8,817,984.

(60) Provisional application No. 61/462,474, filed on Feb. 3, 2011.

(51) Int. Cl.
H04L 29/06 (2006.01)
H04L 9/16 (2006.01)
(Continued)

(52) U.S. Cl.
CPC: H04L 63/0428 (2013.01); H04L 9/0861 (2013.01); H04L 9/0866 (2013.01); H04L 9/0872 (2013.01); H04L 9/16 (2013.01); H04L 9/3231 (2013.01); H04L 9/3247 (2013.01); H04L 9/3271 (2013.01); H04L 63/0876 (2013.01)
`
Primary Examiner: Dao Ho
(74) Attorney, Agent, or Firm: Haynes and Boone, LLP

(57) ABSTRACT

Dynamic key cryptography validates mobile device users to cloud services by uniquely identifying the user’s electronic device using a very wide range of hardware, firmware, and software minutiae, user secrets, and user biometric values found in or collected by the device. Processes for uniquely identifying and validating the device include: selecting a subset of minutia from a plurality of minutia types; computing a challenge from which the user device can form a response based on the selected combination of minutia; computing a set of pre-processed responses that covers a range of all actual responses possible to be received from the device if the combination of the particular device with the device’s collected actual values of minutia is valid; receiving an actual response to the challenge from the device; determining whether the actual response matches any of the pre-processed responses; and providing validation, enabling authentication, data protection, and digital signatures.

20 Claims, 11 Drawing Sheets
`
`
`
[Front-page representative drawing. Legible labels: Service Provider App; Responses DB; Dynamic Key Crypto Library; Dynamic Key Crypto Provider; Computer Minutia (40 Hardware, 70 Firmware, 280 Software); Current Device Image; Permutations.]
`
`Page 1 of 32
`
`MIOIO
`
`IA1010
`
`Page 1 of 32
`
`
`
(51) Int. Cl. (continued)
H04L 9/32 (2006.01)
H04L 9/08 (2006.01)
`
`
`
`
[Sheet 1 of 11, FIG. 1. Legible labels: Dynamic Key Crypto Provider; Service Provider App; Dynamic Key Crypto Library.]
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
[Sheet 6 of 11, FIG. 5. Legible labels: Dynamic Key Crypto Provider; Software Manufacturers; Computer Hardware Manufacturers; Firmware Manufacturers; Industry Minutia Cataloging; Minutia Update Collection; Computer Industry Research; Data Modeling, Heuristics and Permutations; Industry Update Catalogue DB; Anticipated Minutia DB; Minutia DB; Historical Minutia Trends & Data Mining.]
`
`
`
`
`
`
`
[Sheet 9 of 11, FIG. 7. Legible labels: Continue Challenge in Fig. 2; Intelligent Minutia Selection; Dynamic Key Crypto Provider; Secrets and Biometric Minutia; Display System PIN; Dynamic Key Crypto Library; Service Provider App; Process Biometric Request; Unpack Challenge; Display Service PIN; Get Time Since Last Successful PIN Event; Fetch Key Minutia; Substitute Message Hash for Random Number; Digital Signature; Calculate Actual Response.]
`
`
`
[Sheet 10 of 11, FIG. 8. Legible labels: Secrets and Biometric Minutia; Dynamic Key Crypto Provider; Service Provider; Service Provider App; Dynamic Key Crypto Library; Heartbeat & Chatter; Local Computer Check; Encrypt & Decrypt Data; Encrypted Service Data; Fetch Key; Decryption; Retries Exhausted; Register Computer (Fig. 4); Fetch Random Minutia with DKCP.]
`
`
`
[Sheet 11 of 11, FIG. 9. Legible labels: Dynamic Key Crypto Provider; Service Provider; Service Provider App; Dynamic Key Crypto Library; New Computer; Secrets and Biometric Minutia; Encrypted Service Data; Hold Service; Delete Service; Notify Other Service Providers; Hold, Delete, Transfer Service Request; App Delivery in Figure 3; Service Provider App Processing in Figure 8.]
`
`
`
CRYPTOGRAPHIC SECURITY FUNCTIONS BASED ON ANTICIPATED CHANGES IN DYNAMIC MINUTIAE

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No. 13/366,197 filed Feb. 3, 2012, which claims the benefit of U.S. Provisional Patent Application No. 61/462,474 filed Feb. 3, 2011, both of which are incorporated by reference.
`
`BACKGROUND
`
`1. Technical Field
`
The present disclosure generally relates to dynamic key cryptography used, for example, for authentication between a client electronic device and a service provider, encryption of data communications, and digital signatures and, more particularly, to cryptography using dynamic keys derived from dynamically changing key material.

2. Related Art

Use of computers for connecting to a network (such as the Internet) and communicating with a variety of services risks the privacy of many types of information belonging to a user including, for example, the user’s relationships (e.g., social connections), business secrets, banking details, payment options, and health records. The use of cryptography is common to authenticate identities, protect data, and digitally sign the summary (i.e. digest) of an action.

Cryptography generally uses an algorithm (e.g., Advanced Encryption Standard (AES), Rivest Shamir Adleman (RSA)) to combine cryptographic keys (which may be symmetric, public, or private, for example) with plain text to form cipher text. Cryptography keys are typically random numbers without any special meaning. The process of distributing cryptographic keys and storing them on a client computer (referred to as “key management”) is difficult to perform securely and is often the point-of-attack for breaking the security of a cryptographic system. The key represents a single sequence of data and thus a single point-of-failure for the cryptographic system. Since the key normally must be present at the client computer, finding the key and then copying it to another computer can allow an imposter entity to masquerade as a valid entity.

Secure elements (e.g., smartcards) can securely store the cryptographic key and, in some instances, generate the key in a secure environment. Access to the key was typically controlled by requiring the user to enter a personal identification number (PIN); this ensured that the user had to provide a secret before the secure element would allow use of the key. Such access to a key is commonly known as two-factor authentication, and the two factors are generally referred to as: “Something You Know” and “Something You Have”. A third factor, “Something You Are”, can include, for example, biometric information. The factors themselves are related in use but entirely separate in material. Possession of the physical secure element (“Something You Have”) may be via validation of cryptographic functions using the random number cryptographic key provisioned to a particular secure element whose use may be protected by a secret PIN (“Something You Know”). There is no implicit binding between the key and the user.
`
The use of certificates in cryptography enabled the binding of a distinguished name (e.g., a unique user) with a cryptographic key. Yet, still the cryptographic key is a random number, and when the key is validated, the cryptographic system attributes the user in the certificate to the usage of the key; the key matter itself has no relation to the user.

On the Internet, ensuring a real-world identity for the user is critical for protecting data and privacy. Mobile users especially are at risk because they often do not use anti-virus applications and many of the service providers use applications (apps) optimized for simplicity, not security. This leaves much of the private data meaningful to both a user’s identity and a service’s value inadequately protected. Since online service providers (OSP) incur much of the risk, safety has become their responsibility.

The standard method for identifying a user to an online service is by entering a username and password. The username is a known service index and, as such, can be stored on the computer for convenience. The password is a user secret verifiable by the OSP; it should not be stored at the computer, where it can be compromised. However, because a quality password has many characters which should be a mix of upper, lower, punctuation and special characters, the password is often difficult and time-consuming to type. This is especially true on a mobile computer using touch keypads that have various ‘levels’ of keypads for characters beyond simple alpha-numeric. Thus, many mobile apps store the password on the computer. Because mobile operating systems require mobile apps to be signed in order to run, the apps themselves cannot be altered after installation. So, any data stored by the mobile app is separate from the mobile app and often can be vulnerable to attack. Furthermore, because the app cannot change, if encryption was used to protect the cached password, there could only be one encryption key for all instances of the application. This commonality made harvesting and cracking stored passwords on a mobile computer relatively simple, even if the passwords were encrypted, since they all used the same key for decryption.

Computer and computer identification has been attempted by calculating a hash of the minutia found on a computer to uniquely identify the computer, often referred to as a computer fingerprint. Computer fingerprints typically are used, among other things, to ‘lock’ software to a particular computer fingerprint and identify computers used in online actions to profile the history and potential risk of particular actions. A typical computer identifier is computed and remains static; to ensure reliability the computer fingerprint typically uses computer minutiae (e.g., serial numbers) that normally do not change. Thus, current computer fingerprints typically use a relatively small set of static minutia which may be prone to spoofing. Some approaches to improving computer identification have sought to increase the number of minutiae used in identifying the computer through the analysis of time (both in clock and network latency) and bits of information left on the computer (i.e. ‘cookies’). However, as more minutiae are included in the computation, the probability that changes occurred naturally to the minutia can result in a new computer fingerprint. This falsely identifies a computer as ‘different’ when it is actually the same computer (often referred to as ‘false negatives’). These changes to the minutia on a unique computer occur naturally during normal use and can invalidate the computer fingerprint process or inconvenience the user or service by forcing a re-initialization of the computer fingerprint.
`
`SUMMARY
`
According to one or more embodiments of the present invention, methods and systems for dynamic key cryptography use a wide range of minutiae as key material including computer hardware, firmware, software, user secrets, and user biometrics rather than store a random number as a cryptographic key on the computer. Methods and systems for using dynamic key cryptography, according to one or more embodiments, can be used for authenticating users to services, ciphering data for protection, and digitally signing message digests. In one embodiment, dynamic key cryptography anticipates changes to computers caused by industry updates to hardware, firmware, and software of computers.

In one embodiment, a method of dynamic key cryptography includes: selecting a subset from a set of minutia types; for a particular device, sending a challenge to the device, in which: the challenge includes information from which the device can collect actual values of minutia corresponding to the selected subset of minutia types in order to form a cryptographic key, the cryptographic key is never transmitted from the device across any communication channel, and the cryptographic key is used to encrypt an actual response to the challenge; pre-processing a set of responses to the challenge based on tracking updates of minutia from which the selected subset of minutia types is selected, in which: the set of pre-processed responses covers a range of all actual responses possible to be received from the particular device if the combination of the particular device with collected actual values of minutia is valid; comparing the actual response from the particular device to the set of pre-processed responses; and validating the combination of the particular device with the collected actual values if the actual response is included in the set of pre-processed responses for the particular device.

In another embodiment, a method includes: selecting at least one type of minutia from a plurality of minutia types; forming a challenge that conveys the selection of minutia types; computing a plurality of pre-processed responses possible to receive from a valid device, in which: each pre-processed response is computed using a key, each key is computed using values that are possible for the selection of minutia types; sending the challenge to the device; receiving an actual response to the challenge from the device, in which: the actual response is computed using an actual key, the actual key is computed using: a deduction of the selection of minutia types from the challenge and actual values of the selection of minutia types; comparing the actual response to the pre-processed responses for a match; and based on whether or not a match was found, validating the combination of the device with the actual values of the selection of minutia types.

In still another embodiment, a system includes a server configured to communicate with a device, in which the server selects at least one type of minutia from a plurality of minutia types; the server forms a challenge that conveys the selection of minutia types; the server computes a plurality of pre-processed responses possible to receive from a valid device, in which: each pre-processed response is computed using a key, each key is computed using values that are possible for the selection of minutia types; the server sends the challenge to the device; the server receives an actual response to the challenge from the device, in which: the actual response is computed using an actual key; the actual key is computed using: a deduction of the selection of minutia types from the challenge and actual values of the selection of minutia types; the server compares the actual response to the pre-processed responses for a match; and based on whether or not a match was found, the server validates the combination of the device with the actual values of the selection of minutia types.

In yet another embodiment, a computer program product includes a non-transitory computer readable medium having computer readable and executable code for instructing a processor to perform a method, the method including: selecting at least one type of minutia from a plurality of minutia types; forming a challenge that conveys the selection of minutia types; computing a plurality of pre-processed responses possible to receive from a valid device, in which: each pre-processed response is computed using a key and each key is computed using values that are possible for the selection of minutia types; sending the challenge to the device; receiving an actual response to the challenge from the device, in which: the actual response is computed using an actual key, the actual key is computed using: a deduction of the selection of minutia types from the challenge and actual values of the selection of minutia types; comparing the actual response to the pre-processed responses for a match; and based on whether or not a match was found, validating the combination of the device with the actual values of the selection of minutia types.
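
The challenge, pre-processed response set and match step of the embodiments above, and the static-fingerprint false negative from the Background, as an added Python example that is not taken from the patent. Assumptions: HMAC-SHA-256 stands in for the unspecified keyed cipher, the challenge carries a random nonce, and the minutia names, values and the `ANTICIPATED` catalogue are constructed for illustration.

```python
import hashlib
import hmac
import itertools
import secrets

# Constructed catalogue (not from the patent): per minutia type, the value
# registered for this device followed by values anticipated from updates.
ANTICIPATED = {
    "hw_model": ["H-A100"],                      # not expected to change
    "fw_version": ["F-2.1", "F-2.2"],            # current + announced update
    "os_build": ["S-14.0", "S-14.1", "S-15.0"],  # current + two successors
    "carrier": ["NET-1"],
}


def derive_key(types, values):
    """Derive the dynamic key from minutia values; it is never transmitted."""
    material = "\x1f".join(f"{t}={v}" for t, v in zip(types, values))
    return hashlib.sha256(b"dkc-example\x00" + material.encode()).digest()


def respond(key, nonce):
    """Keyed response to the nonce (HMAC-SHA-256 stands in for the cipher)."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def make_challenge(selected_types):
    """Server: the challenge conveys the selected types and a fresh nonce."""
    return {"types": sorted(selected_types), "nonce": secrets.token_bytes(16)}


def preprocess_responses(challenge, catalogue=ANTICIPATED):
    """Server: one pre-processed response per anticipated value combination."""
    types = challenge["types"]
    table = {}
    for combo in itertools.product(*(catalogue[t] for t in types)):
        table[respond(derive_key(types, combo), challenge["nonce"])] = combo
    return table


def device_response(challenge, minutiae):
    """Device: collect actual values for the selected types and respond."""
    types = challenge["types"]
    key = derive_key(types, [minutiae[t] for t in types])
    return respond(key, challenge["nonce"])


def validate(actual, table):
    """Server: return the matching value combination, or None."""
    matched = None
    for expected, combo in table.items():
        # Constant-time compare against every entry, no early exit.
        if hmac.compare_digest(expected, actual):
            matched = combo
    return matched


def static_fingerprint(minutiae):
    """The static approach from the Background: one hash over every value."""
    blob = "\x1f".join(f"{k}={minutiae[k]}" for k in sorted(minutiae))
    return hashlib.sha256(blob.encode()).hexdigest()


def demo():
    registered = {"hw_model": "H-A100", "fw_version": "F-2.1",
                  "os_build": "S-14.0", "carrier": "NET-1"}
    updated = dict(registered, fw_version="F-2.2", os_build="S-14.1")
    other = dict(registered, hw_model="H-B200")  # different hardware

    selection = {"fw_version", "os_build", "hw_model"}
    challenge = make_challenge(selection)
    table = preprocess_responses(challenge)
    stale = device_response(challenge, registered)  # response to old nonce
    next_table = preprocess_responses(make_challenge(selection))
    return {
        "table_size": len(table),
        "registered": validate(device_response(challenge, registered), table),
        "updated": validate(device_response(challenge, updated), table),
        "other_device": validate(device_response(challenge, other), table),
        "replayed": validate(stale, next_table),
        "static_match_after_update":
            static_fingerprint(updated) == static_fingerprint(registered),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The pre-processed table grows with the product of the anticipated values per selected type (2 x 1 x 3 = 6 here), which is why the selection step bounds the server's work per challenge.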
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
FIG. 1 is a system diagram illustrating communication and security between a client, a client device and a service provider facilitated by a dynamic key cryptography provider in accordance with one or more embodiments;

FIG. 2, comprising FIG. 2A and FIG. 2B, is a system diagram illustrating a challenge, response and validation process performed by the system of FIG. 1 in accordance with an embodiment;

FIG. 3 is a system diagram illustrating a service provider application (app) delivery system in accordance with an embodiment;

FIG. 4 is a system process flow diagram illustrating a system for registration of computer system and user minutiae and services in accordance with an embodiment;

FIG. 5 is a system diagram illustrating a system to catalogue and model industry minutia and user heuristics to create and update anticipated minutia databases in accordance with an embodiment;

FIG. 6, comprising FIG. 6A and FIG. 6B, is a system process flow diagram illustrating a system for validation scoring, confidence rating and step-up authentication processing in accordance with an embodiment;

FIG. 7 is a system process flow diagram for an authentication and digital signature system capable of incorporating three identity factors in accordance with an embodiment;

FIG. 8 is a system process flow diagram illustrating a system for application processing for local and update data security functions in accordance with an embodiment; and

FIG. 9 is a system diagram illustrating computer identity provider lifecycle functionality and services to service providers in accordance with an embodiment.
`
`DETAILED DESCRIPTION
`
In accordance with embodiments of the present invention, methods and systems of dynamic key cryptography using dynamically changing keys composed of or derived from dynamically changing key material provide cryptographic services such as authentication, data protection, and digital signature by uniquely identifying a user’s computer or other electronic device based on (1) the electronic device itself, e.g., a mobile phone or personal computing device, and using a very wide range of hardware, firmware, and software minutia found on the computer; (2) secrets a user of the computer knows; and (3) biometric information the computer might collect from the user. Dynamic key cryptography in accordance with one or more embodiments enables secured actions for users of electronic computers and, more particularly, provides authentication between a client electronic computer and a service provider, encryption of data electronically stored or sent on a communication channel, and digital signature for electronic digests of actions performed by the user on an electronic computer.

The dynamic key cryptography system according to one embodiment anticipates changes to the minutia caused by updates and natural usage of the computer and practically eliminates false negatives that block valid users from a network service. Dynamic key cryptography may provide a safe, reliable method to users of network services for authenticating the user to network services that protects both the user and the network services, protects the integrity and privacy of data, and provides for digitally signing the digest of an action performed by the user on the electronic computer.

One or more embodiments may provide features such as: 1) simple user experience: no difficult passwords to remember or type, the user device or computer is invisibly authenticated and the user can be asked to enter a second identity factor such as a secret PIN or biometric (e.g., voiceprint) into the computer only if required by the service and protected services can be automatically reconnected to a new device or computer when it is registered by the user; 2) unprecedented security: using a wider range of hardware, firmware, software, secret and biometric minutia to deliver a very accurate device or computer and user identity that is more difficult to spoof, especially as some computer identifier values are not static but are expected to change; 3) reliability: anticipating changes to the user device or computer delivers a tolerant, yet secure authentication with fewer false negatives that anger users and clog customer support services; and 4) service and data separation: delivered as an integrated part of a mobile application (app), a “foundation” (e.g., dynamic key cryptographic service) helps protect the app, encrypt service data stored on the user device or computer, digitally sign actions and allows the service to react without affecting other services, e.g., should data need to be wiped, only the app’s data is affected, not the user’s other information such as the user’s pictures or messages.

One or more embodiments may enable a more convenient method for connecting the user and service. For example, instead of subscribers typing in cumbersome passwords (or worse yet, storing them unencrypted on the computer), the dynamic key cryptographic (dynamic key crypto) service and related client software can compute and manage the unique properties of the user device or computer. The resultant identified computer can be used in place of passwords to simplify the customer connection experience. Since the computer itself is uniquely identified, it represents a safer method of identifying customers (e.g., users or subscribers). By forming cryptographic keys which use minutia found on the computer, the computer itself (as defined by its minutia) is validated, not a static key stored or intended to be stored only on the computer. The discovery and copying of a single value (the secret key) is significantly easier than the discovery and copying of a very large range of computer minutia values. In addition, the writing of a single key in a computer’s memory effectively counterfeits the uniqueness of a computer identified by a single, static stored value. To counterfeit a dynamic key crypto-identified computer, it would be necessary to intercept various methods to learn the minutiae values of the computer. Several direct and related methods may exist for learning the value of a particular computer minutia; to effectively counterfeit the computer, it may be that all methods for accessing all computer minutia values would need to be intercepted and the fraudulent response returned. Furthermore, since the dynamic key crypto system expects certain computer minutia values to change, a successfully counterfeited computer would also need to ensure the fraudulent computer minutia values change in an expected manner. Should a user’s online activities require an even higher level of trust, the platform (e.g., dynamic key crypto service and related client software) can force the user to enter the user’s standard PIN into the computer to ensure a valid user is the person using the computer.

Several technologies exist for processing security and assurance claims using static values. These include passwords themselves and static ‘seed keys’ for functions like one-time-password and challenge-response security mechanisms. Even public key cryptography is based off a static key pair (public and private). One or more embodiments of the dynamic key crypto system may use a very large numeric representation (e.g., 100,000’s of bits) of computer and user minutia (e.g., any piece of information that can be definitively associated with the computer and its user, including information from the general categories of what the user or computing device has, what the user knows, and what the user is) to form cryptographic keys that support a range of security functions in a verifiable manner (a cornerstone of security). In one or more embodiments methods based on the predictable dynamic nature of the minutia may allow for verification of the minutia (as if they were a single static value) but not all of the minutia is required to be static; most values of the minutia can (and are expected to) change and evolve over time and the change of the minutia values themselves increases the perceived randomness of the resultant dynamic crypto keys. The validation of dynamic key cryptography based on changing minutia uses a complex confidence scoring which isolates and evaluates the minutiae that have changed and uses confidence weightings against the predictability of such changes. Changing minutia when used as dynamic key material for dynamic key cryptography ad