Patents by Inventor Burton Kaliski

Burton Kaliski has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20080065892
    Abstract: In one aspect, a first processing device, which may be an authentication token, establishes a shared key through a pairing protocol carried out between the first processing device and a second processing device. The pairing protocol also involves communication between the second processing device and an authentication server. As part of the pairing protocol, the first processing device sends identifying information to the second processing device, and the second processing device utilizes the identifying information to obtain the shared key from the authentication server. The first processing device encrypts authentication information utilizing the shared key, and transmits the encrypted authentication information from the first processing device to the second processing device. The second processing device utilizes the shared key to decrypt the encrypted authentication information.
    Type: Application
    Filed: November 13, 2007
    Publication date: March 13, 2008
    Inventors: Daniel Bailey, John Brainard, Ari Juels, Burton Kaliski
  • Publication number: 20080009345
    Abstract: Techniques for providing authentication functionality in a gaming system are disclosed. In one aspect, a gaming system is configured such that, at a given point during a current session of a game in progress that involves at least one user previously granted access by the system to participate in the current session, information available from an authentication token associated with the user is obtained prior to allowing the user to take a particular action in the game. A determination is made as to whether or not the user will be allowed to take the particular action in the game, based on the obtained information. The obtained information may comprise, for example, at least a portion of a one-time password generated by a hardware or software authentication token.
    Type: Application
    Filed: July 9, 2007
    Publication date: January 10, 2008
    Inventors: Daniel Bailey, Burton Kaliski, Ari Juels, Ronald Rivest
  • Publication number: 20070186105
    Abstract: A first processing device, which may be, for example, a wireless authentication token or an RFID tag, transmits information in a wireless network in a manner that emulates standard communications of an access point of the wireless network, although the first processing device is not configured to operate as an actual access point of the wireless network. A second processing device, which may be, for example, a computer or other station of the wireless network, receives the transmitted information and is able to determine therefrom that the information originates from an emulated access point rather than an actual access point. The second processing device responds to this condition by utilizing the transmitted information in a manner distinct from its utilization of similar information received from the actual access point of the wireless network.
    Type: Application
    Filed: February 5, 2007
    Publication date: August 9, 2007
    Inventors: Daniel Bailey, John Brainard, Ari Juels, Burton Kaliski
  • Publication number: 20070113294
    Abstract: A multimedia device or other type of processing device comprises a memory, a processor coupled to the memory, and playback circuitry coupled to the processor. In one aspect, the processor is operative to control the storage in the memory of at least one multimedia file containing a one-time password or other type of password, where the password is generated externally to the processing device, and to control the playback of the multimedia file via the playback circuitry to make the password apparent to or otherwise accessible to an associated user or other entity. The multimedia file may comprise, for example, an audio file, with the password being presented to the user in an audible form upon playback of the audio file. As another example, the multimedia file may comprise a video file, with the password being presented to the user in a visible form upon playback of the video file.
    Type: Application
    Filed: November 3, 2006
    Publication date: May 17, 2007
    Inventors: John Field, Burton Kaliski, Magnus Nystrom, James Townsend
  • Publication number: 20070061566
    Abstract: In a system comprising a transient storage device (TSD) or other type of peripheral configured for communication with a host device, a first one-time password or other type of code is generated in the peripheral and transmitted to the host device. The first code is presented by the host device to an authentication server for authentication. The host device receives a second one-time password or other type of code from the authentication server and transmits it to the peripheral for authentication.
    Type: Application
    Filed: September 11, 2006
    Publication date: March 15, 2007
    Inventors: Daniel Bailey, John Brainard, Burton Kaliski, Michael Szydlo
  • Publication number: 20060256961
    Abstract: In one embodiment of a user authentication system and method according to the invention, a device shares a secret, referred to as a master seed, with a server. The device and the server both derive one or more secrets, referred to as verifier seeds, from the master seed, using a key derivation function. The server shares a verifier seed with one or more verifiers. The device, or an entity using the device, can authenticate with one of the verifiers using the appropriate verifier seed. In this way, the device and the verifier can share a secret, the verifier seed for that verifier, without that verifier knowing the master seed, or any other verifier seeds. Thus, the device need only store the one master seed, have access to the information necessary to correctly derive the appropriate seed, and have seed derivation capability. A verifier cannot compromise the master seed, because the verifier does not have access to the master seed.
    Type: Application
    Filed: November 2, 2005
    Publication date: November 16, 2006
    Applicant: RSA Security Inc.
    Inventors: John Brainard, Burton Kaliski, Magnus Nystrom, Ronald Rivest
  • Publication number: 20060041759
    Abstract: A method of protecting a password being used to establish interaction between a user and an application includes detecting a request for the password from the application by receiving a notification from the user indicating the request. The method further includes combining the password with information identifying the application, so as to produce a protected password, and authenticating to the application using the protected password. The method may also include a mutual authentication capability between the user and the application.
    Type: Application
    Filed: June 30, 2005
    Publication date: February 23, 2006
    Applicant: RSA Security, Inc.
    Inventors: Burton Kaliski, Magnus Nystrom
  • Publication number: 20050036615
    Abstract: Techniques are disclosed for partitioning of cryptographic functionality, such as authentication code verification or generation ability, so as to permit delegation of at least one of a number of distinct portions of the cryptographic functionality from a delegating device to at least one recipient device. The cryptographic functionality is characterizable as a graph comprising a plurality of nodes, and a given set of the nodes is associated with a corresponding one of the distinct portions of the cryptographic functionality. Information representative of one or more of the nodes is transmitted from the delegating device to the recipient device such that the recipient device is thereby configurable for authorized execution of a corresponding one of the distinct portions of the cryptographic functionality. Advantageously, the invention provides a particularly efficient mechanism for the provision of cryptographic functionality in accordance with a subscription model.
    Type: Application
    Filed: July 31, 2003
    Publication date: February 17, 2005
    Inventors: Bjorn Jakobsson, Burton Kaliski
  • Patent number: 6240184
    Abstract: A system, method, and data structure provide for securely synchronizing passwords and/or other information between systems. The password-related information is stored in the systems in a secure manner, and a user or some other, external agent participates actively in the transmission of a new password between systems. A password update file is communicated or shared between systems to synchronize passwords.
    Type: Grant
    Filed: September 2, 1998
    Date of Patent: May 29, 2001
    Assignee: RSA Security Inc.
    Inventors: Dung Huynh, Matthew Robshaw, Ari Juels, Burton Kaliski, Jr.