Multi-factor authentication
Abstract
Detection and deterrence of spoofing of user authentication may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a user of the hardware device. The cryptographic fingerprint unit includes an internal physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a PUF value. Combining logic is coupled to receive the PUF value, combines the PUF value with one or more other authentication factors to generate a multi-factor authentication value. A key generator is coupled to generate a private key and a public key based on the multi-factor authentication value while a decryptor is coupled to receive an authentication challenge posed to the hardware device and encrypted with the public key and coupled to output a response to the authentication challenge decrypted with the private key.
- Inventors:
- Issue Date:
- Research Org.:
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1160234
- Patent Number(s):
- 8868923
- Application Number:
- 12/908,414
- Assignee:
- Sandia Corporation (Albuquerque, NM)
- Patent Classifications (CPCs):
-
G - PHYSICS G05 - CONTROLLING G05B - CONTROL OR REGULATING SYSTEMS IN GENERAL
G - PHYSICS G06 - COMPUTING G06F - ELECTRIC DIGITAL DATA PROCESSING
- DOE Contract Number:
- AC04-94AL85000
- Resource Type:
- Patent
- Resource Relation:
- Patent File Date: 2010 Oct 20
- Country of Publication:
- United States
- Language:
- English
- Subject:
- 97 MATHEMATICS AND COMPUTING
Citation Formats
Hamlet, Jason R, and Pierson, Lyndon G. Multi-factor authentication. United States: N. p., 2014.
Web.
Hamlet, Jason R, & Pierson, Lyndon G. Multi-factor authentication. United States.
Hamlet, Jason R, and Pierson, Lyndon G. Tue .
"Multi-factor authentication". United States. https://www.osti.gov/servlets/purl/1160234.
@article{osti_1160234,
title = {Multi-factor authentication},
author = {Hamlet, Jason R and Pierson, Lyndon G},
abstractNote = {Detection and deterrence of spoofing of user authentication may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a user of the hardware device. The cryptographic fingerprint unit includes an internal physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a PUF value. Combining logic is coupled to receive the PUF value, combines the PUF value with one or more other authentication factors to generate a multi-factor authentication value. A key generator is coupled to generate a private key and a public key based on the multi-factor authentication value while a decryptor is coupled to receive an authentication challenge posed to the hardware device and encrypted with the public key and coupled to output a response to the authentication challenge decrypted with the private key.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2014},
month = {10}
}
Works referenced in this record:
Identification and verification using complex, three-dimensional structural features
patent, June 2003
- Pappu, Ravikanth; Gershenfeld, Neil; Smith, Joshua R.
- US Patent Document 6,584,214
Data processing systems and methods with enhanced bios functionality
patent, May 2008
- Calhoon, Sean; Carr, J. Scott; Rodriguez, Tony F.
- US Patent Document 7,370,190
Reliable generation of a device-specific value
patent, March 2010
- Devadas, Srinivas; Gassend, Blaise
- US Patent Document 7,681,103
Method and system for electronically securing an electronic device using physically unclonable functions
patent, October 2012
- Erhart, Richard A.; Dean, Gregory Lewis; Schwab, Frank
- US Patent Document 8,290,150
Method and system for a secure binding of a revoked X.509 certificate to its corresponding certificate revocation list
patent-application, June 2002
- Benantar, Messaoud
- US Patent Application 09/734809; 20020073310
Authentication of integrated circuits
patent-application, October 2003
- Devadas, Srinivas; Gassend, Blaise; Dijk, Marten Van
- US Patent Application 10/407603; 20030204743
Securely field configurable device
patent-application, September 2006
- Devadas, Srinivas; Ziola, Thomas J.
- US Patent Application 11/272995; 20060209584
Volatile device keys and applications thereof
patent-application, September 2006
- Devadas, Srinivas; Ziola, Thomas
- US Patent Application 11/273920; 20060210082
Integrated Circuit That Uses a Dynamic Characteristic of the Circuit
patent-application, October 2006
- Devadas, Srinivas; Gassend, Blaise
- US Patent Application 11/421577; 20060221686
Data Protection and Cryptographic Functions Using a Device-Specific Value
patent-application, November 2006
- Devadas, Srinivas; Gassend, Blasie
- US Patent Application 11/421582; 20060271792
Reliable Generation of a Device-Specific Value
patent-application, November 2006
- Devadas, Srinivas; Gassend, Blasie
- US Patent Application 11/421588; 20060271793
Method for protecting information carrier comprising an integrated circuit
patent-application, February 2007
- Kahlman, Josephus Arnoldus Henricus Maria; Akkermans, Antonius Hermanus Maria
- US Patent Application 10/576393; 20070038871
Method and system for authentication of a physical object
patent-application, February 2007
- Tuyls, Pim Theo; Denteneer, Theodoru Jacobus Johannes; Linnartz, Johan Paul Marie Gerard
- US Patent Application 10/557628; 20070044139
Information carrier comprising a non-clonable optical identifier
patent-application, June 2007
- Tuyls, Pim Theo; Skoric, Boris; Stallinga, Sjoerd
- US Patent Application 10/579152; 20070125857
Controlling Access to Device-Specific Information
patent-application, August 2007
- Devadas, Srinvas; Gassend, Blaise; Clarke, Dwaine
- US Patent Application 11/421609; 20070183194
System and Method of Reliable Foward Secret Key Sharing with Physical Random Functions
patent-application, February 2008
- Van Dijk, Marten E.
- US Patent Application 10/577756; 20080044027
Sharing a secret by using random function
patent-application, March 2008
- Van Dijk, Marten Erik
- US Patent Application 11/575313; 20080059809
Method, Apparatus, Device, System, Program, for Calibrating
patent-application, June 2008
- Skoric, Boris; Tuyls, Pim Theo; Akkermans, Antonius Hermanus Maria
- US Patent Application 11/815019; 20080141364
Integrated Physical Unclonable Function (Puf) with Combined Sensor and Display
patent-application, September 2008
- Ophey, William Gerard; Skoric, Boris; Tuyls, Pim Theo
- US Patent Application 12/090414; 20080231418
Authentication with Physical Unclonable Functions
patent-application, March 2009
- Ziola, Thomas; Paral, Zdenek; Devadas, Srinivas
- US Patent Application 12/234095; 20090083833
Volatile Device Keys And Applications Thereof
patent-application, October 2009
- Devadas, Srinivas; Ziola, Thomas
- US Patent Application 12/485479; 20090254981
Temperature-Profiled Device Fingerprint Generation and Authentication from Power-Up States of Static Cells
patent-application, December 2009
- Gebara, Fadi H.; Kim, Joonsoo; Schaub, Jeremy D.
- US Patent Application 12/146997; 20090326840
Information Security Apparatus
patent-application, February 2010
- Futa, Yuichi; Yokota, Kaoru; Nonaka, Masao
- US Patent Application 12/443736; 20100031065
Fingerprint Sensor Device and System with Verification Token and Methods of Using
patent-application, April 2010
- Kesanupalli, Ramesh
- US Patent Application 12/561186; 20100083000
Non-Network RFID Authentication
patent-application, May 2010
- Devadas, Srinivas
- US Patent Application 12/623045; 20100127822
Device and Method for Providing Authentication
patent-application, July 2010
- Tuyls, Pim T.; Guajardo Merchan, Jorge
- US Patent Application 12/602857; 20100177898
Securely Field Configurable Device
patent-application, October 2010
- Devadas, Srinivas; Ziola, Thomas
- US Patent Application 12/763254; 20100272255
Method and System for Electronically Securing an Electronic Biometric Device Using Physically Unclonable Functions
patent-application, January 2011
- Erhart, Richard A.; Dean, Gregory L.; Schwab, Frank
- US Patent Application 11/963721; 20110002461
Lightweight Secure Physically Unclonable Functions
patent-application, March 2011
- Koushanfar, Farinaz; Potkonjak, Miodrag
- US Patent Application 12/551209; 20110050279
Combination of Values from a Pseudo-Random Source
patent-application, March 2011
- Yu, Meng-Day
- US Patent Application 12/850849; 20110066670
Authenticating A Device and A User
patent-application, August 2011
- Guajardo Merchan, Jorge; Petkovic, Miland
- US Patent Application 13/119505; 20110191837
Device and Method for Obtaining a Cryptographic Key
patent-application, February 2013
- Handschuh, Helena; Tuyls, Pim Theo
- US Patent Application 13/574311; 20130051552
Robust Authentication Using Physically Unclonable Functions
book, January 2009
- Frikken, Keith B.; Blanton, Marina; Atallah, Mikhail J.
- Lecture Notes in Computer Science
Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions
journal, October 2008
- Guajardo, Jorge; Škorić, Boris; Tuyls, Pim
- Information Systems Frontiers, Vol. 11, Issue 1
Remote patient monitoring: Information reliability challenges
conference, October 2009
- Petkovic, Milan
- TELSIKS 2009 - 2009 9th International Conference on Telecommunications in Modern Satellite, Cable, and Broadcasting Services, 2009 9th International Conference on Telecommunication in Modern Satellite, Cable, and Broadcasting Services
Physical Unclonable Functions and Their Applications to Vehicle System Security
conference, April 2009
- Asim, Muhammad; Guajardo, Jorge; Kumar, Sandeep S.
- 2009 IEEE 69th Vehicular Technology Conference Spring, VTC Spring 2009 - IEEE 69th Vehicular Technology Conference
Hardware intrinsic security from D flip-flops
conference, January 2010
- van der Leest, Vincent; Schrijen, Geert-Jan; Handschuh, Helena
- Proceedings of the fifth ACM workshop on Scalable trusted computing - STC '10
Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data
book, January 2004
- Dodis, Yevgeniy; Reyzin, Leonid; Smith, Adam
- Advances in Cryptology - EUROCRYPT 2004
Strong Authentication with Physical Unclonable Functions
book, January 2007
- Tuyls, Pim; Škorić, Boris
- Security, Privacy, and Trust in Modern Data Management
Estimating the Secrecy-Rate of Physical Unclonable Functions with the Context-Tree Weighting Method
conference, December 2006
- Ignatenko, Tanya; Schrijen, Geert-jan; Skoric, Boris
- 2006 IEEE International Symposium on Information Theory
Combining Crypto with Biometrics Effectively
journal, September 2006
- Feng Hao, ; Anderson, R.; Daugman, J.
- IEEE Transactions on Computers, Vol. 55, Issue 9
A Digital 1.6 pJ/bit Chip Identification Circuit Using Process Variations
journal, January 2008
- Su, Ying; Holleman, Jeremy; Otis, Brian P.
- IEEE Journal of Solid-State Circuits, Vol. 43, Issue 1
A technique to build a secret key in integrated circuits for identification and authentication applications
conference, January 2004
- Lee, J. W.; Gassend, B.
- 2004 Symposium on VLSI Circuits. Digest of Technical Papers (IEEE Cat. No.04CH37525)
Energy Scalable Universal Hashing
journal, December 2005
- Kaps, J.; Yuksel, K.; Sunar, B.
- IEEE Transactions on Computers, Vol. 54, Issue 12
Extended abstract: The butterfly PUF protecting IP on every FPGA
conference, June 2008
- Kumar, Sandeep S.; Guajardo, Jorge; Maes, Roel
- 2008 IEEE International Workshop on Hardware-Oriented Security and Trust (HOST)
Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data
journal, January 2008
- Dodis, Yevgeniy; Ostrovsky, Rafail; Reyzin, Leonid
- SIAM Journal on Computing, Vol. 38, Issue 1
LFSR-based Hashing and Authentication
conference, January 1994
- Krawczyk, Hugo; Desmedt, Yvo G.
- Advances in Cryptology — CRYPTO ’94, p. 129-139
Physical unclonable functions for device authentication and secret key generation
conference, January 2007
- Suh, G. Edward; Devadas, Srinivas
- Proceedings of the 44th annual conference on Design automation - DAC '07
Physical Unclonable Functions and Public-Key Crypto for FPGA IP Protection
conference, August 2007
- Guajardo, Jorge; Kumar, Sandeep S.; Schrijen, Geert-Jan
- 2007 International Conference on Field Programmable Logic and Applications
Protecting bus-based hardware IP by secret sharing
conference, January 2008
- Roy, Jarrod A.; Koushanfar, Farinaz; Markov, Igor L.
- Proceedings of the 45th annual conference on Design automation - DAC '08
Works referencing / citing this record:
Access control using impersonization
patent, July 2017
- Roth, Gregory Branchek; Wren, Matthew James; Pratt, Brian Irl
- US Patent Document 9,699,219
Authentication
patent, July 2017
- McCusker, Kealan; Spector, Brian; Scott, Michael
- US Patent Document 9,698,985
System and device binding metadata with hardware intrinsic properties
patent, June 2017
- Walsh, John J.; Wallrabenstein, John Ross
- US Patent Document 9,672,342
System and method for cryptographic key identification
patent, May 2017
- Guajardo Merchan, Jorge; Stahl, Heiko; Lewis, Matthew
- US Patent Document 9,667,419
Protection from data security threats
patent, May 2017
- Roth, Gregory Branchek; Baer, Graeme D.
- US Patent Document 9,660,972
Content sharing system, content sharing method, and information communication apparatus
patent, May 2017
- Miyamoto, Shingo; Icho, Keiji; Ogawa, Kento
- US Patent Document 9,641,501
Method of authenticating a device
patent, January 2017
- Proust, Philippe; Barral, Claude
- US Patent Document 9,544,154
Complete forward access sessions
patent, December 2016
- Roth, Gregory Branchek; Baer, Graeme D.
- US Patent Document 9,521,000
Tamper-protected hardware and method for using same
patent, October 2016
- Kreft, Heinz
- US Patent Document 9,461,826
Access control using impersonization
patent, August 2016
- Roth, Gregory Branchek; Wren, Matthew James; Pratt, Brian Irl
- US Patent Document 9,420,007
Multiple authority data security and access
patent, August 2016
- Roth, Gregory Branchek; Wren, Matthew James
- US Patent Document 9,407,440
Distributed passcode verification system
patent, June 2016
- Roth, Gregory Branchek; Rubin, Gregory Alan
- US Patent Document 9,374,368
Passcode verification using hardware secrets
patent, June 2016
- Roth, Gregory Branchek; Rubin, Gregory Alan; Potlapally, Nachiketh Rao
- US Patent Document 9,369,461
Systems and methods for maintaining integrity and secrecy in untrusted computing platforms
patent, June 2016
- Merchan, Jorge Guajardo; Owusu, Emmanuel Kwame; McCune, Jonathan M.
- US Patent Document 9,367,701
Content-based association of device to user
patent, May 2016
- Jeffrey, Michael; Scherf, Steven D.; Cremer, Markus K.
- US Patent Document 9,356,914
Data security using request-supplied keys
patent, April 2016
- Roth, Gregory Branchek; Brandwine, Eric Jason
- US Patent Document 9,311,500
Source identification for unauthorized copies of content
patent, April 2016
- Roth, Gregory Branchek; Barbour, Marc R.; Behm, Bradley Jeffery
- US Patent Document 9,305,177
Tiered access to on chip features
patent, March 2016
- Sandri, Jason G.; Ahmed, Monib; Walker, Ian S.
- US Patent Document 9,292,713
Hardware secret usage limits
patent, March 2016
- Roth, Gregory Branchek; Rubin, Gregory Alan
- US Patent Document 9,292,711
Adaptive client-aware session security
patent, February 2016
- Roth, Gregory Branchek; Allen, Nicholas Alexander
- US Patent Document 9,270,662
Adaptive client-aware session security as a service
patent, February 2016
- Roth, Gregory Branchek; Allen, Nicholas Alexander
- US Patent Document 9,262,642
Decentralized verification in a distributed system
patent, February 2016
- Roth, Gregory Branchek; Baer, Graeme D.
- US Patent Document 9,258,118
Mutual authentication with symmetric secrets and signatures
patent, February 2016
- Roth, Gregory Branchek; Rubin, Gregory Alan
- US Patent Document 9,258,117
Resource locators with keys
patent, January 2016
- Roth, Gregory Branchek; Brandwine, Eric Jason
- US Patent Document 9,237,019
Key generation for hierarchical data access
patent, December 2015
- Roth, Gregory Branchek; Barbour, Marc R.; Behm, Bradley Jeffery
- US Patent Document 9,215,076
Techniques for client constructed sessions
patent, December 2015
- Roth, Gregory Branchek; Brandwine, Eric Jason; Fitch, Nathan R.
- US Patent Document 9,203,613
Key derivation techniques
patent, November 2015
- Roth, Gregory Branchek; Behm, Bradley Jeffery; Crahen, Eric D.
- US Patent Document 9,197,409
Parameter based key derivation
patent, November 2015
- Roth, Gregory Branchek; Behm, Bradley Jeffery; Crahen, Eric D.
- US Patent Document 9,178,701
Tamper-protected hardware and method for using same
patent, June 2015
- Kreft, Heinz
- US Patent Document 9,071,446