Patents by Inventor John G. Brainard

John G. Brainard has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9923718
    Abstract: In one aspect, a method comprises the steps of deriving a base point on an elliptic curve in a first processing device, generating authentication information in the first processing device utilizing the base point and a private key of the first processing device, and transmitting the authentication information from the first processing device to a second processing device. The base point on the elliptic curve may be derived, for example, by applying a one-way function to a current time value, or by computation based on a message to be signed.
    Type: Grant
    Filed: August 7, 2013
    Date of Patent: March 20, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Daniel Vernon Bailey, John G. Brainard, Ari Juels, Burton S. Kaliski, Jr.
  • Patent number: 9667611
    Abstract: Improved techniques involve selecting a set of authentication factors from among multiple factors based on a current situation and information about how well the multiple authentication factors have worked in similar situations in the past. Along these lines, when an authentication system performs an authentication operation on a requesting party, the authentication system first assesses a situational environment. Based on the assessment of the situational environment, the authentication system decides that it is necessary to re-authenticate the requesting party. In some arrangements, the authentication system may determine which set of factors has the highest likelihood of successfully verifying the user's identity when compared with other authentication factors. The authentication system then carries out an authentication operation on the selected set of factors and bases a successful authentication result on whether the selected set of factors can be verified.
    Type: Grant
    Filed: March 31, 2014
    Date of Patent: May 30, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Lawrence N. Friedman, Yedidya Dotan, Gareth Richards, Daniel V. Bailey, William M. Duane, John G. Brainard
  • Patent number: 9467293
    Abstract: A method and system for use in generating authentication codes associated with devices is disclosed. In at least one embodiment, the method and system may generate a secret value that depends on event state data that specifies an operating condition of a device, and may generate a series of authentication codes that depends on the secret value and a series of dynamic values.
    Type: Grant
    Filed: December 22, 2010
    Date of Patent: October 11, 2016
    Assignee: EMC Corporation
    Inventors: John G. Brainard, Ari Juels
  • Patent number: 9306942
    Abstract: A method, system, and apparatus for agile generation of one time passcodes (OTPs) in a security environment, the security environment having a token generator comprising a token generator algorithm and a validator, the method comprising generating an OTP at the token generator according to a variance technique; wherein the variance technique is selected from a set of variance techniques, receiving the OTP at a validator, determining, at the validator, the variance technique used by the token generator to generate the OTP, and determining whether to validate the OTP based on the OTP and variance technique.
    Type: Grant
    Filed: May 13, 2015
    Date of Patent: April 5, 2016
    Assignee: EMC Corporation
    Inventors: Daniel Vernon Bailey, John G Brainard, William M Duane, Michael J O'Malley, Robert S Philpott
  • Patent number: 9306741
    Abstract: A method is used in updating keys for use in authentication. A cryptographic operation is performed based on a stored representation of a higher-level key. The cryptographic operation results in a derived key. The derived key is used for authentication. A key update operation is applied to replace the derived key after authentication.
    Type: Grant
    Filed: December 22, 2010
    Date of Patent: April 5, 2016
    Assignee: EMC Corporation
    Inventor: John G. Brainard
  • Patent number: 9137012
    Abstract: A first processing device, which may be, for example, a wireless authentication token or an RFID tag, transmits information in a wireless network in a manner that emulates standard communications of an access point of the wireless network, although the first processing device is not configured to operate as an actual access point of the wireless network. A second processing device, which may be, for example, a computer or other station of the wireless network, receives the transmitted information and is able to determine therefrom that the information originates from an emulated access point rather than an actual access point. The second processing device responds to this condition by utilizing the transmitted information in a manner distinct from its utilization of similar information received from the actual access point of the wireless network.
    Type: Grant
    Filed: February 5, 2007
    Date of Patent: September 15, 2015
    Assignee: EMC Corporation
    Inventors: Daniel Vernon Bailey, John G. Brainard, Ari Juels, Burton S. Kaliski, Jr.
  • Patent number: 9118663
    Abstract: A method, system, and apparatus for agile generation of one time passcodes (OTPs) in a security environment, the security environment having a token generator comprising a token generator algorithm and a validator, the method comprising generating an OTP at the token generator according to a variance technique; wherein the variance technique is selected from a set of variance techniques, receiving the OTP at a validator, determining, at the validator, the variance technique used by the token generator to generate the OTP, and determining whether to validate the OTP based on the OTP and variance technique.
    Type: Grant
    Filed: August 5, 2014
    Date of Patent: August 25, 2015
    Assignee: EMC Corporation
    Inventors: Daniel Vernon Bailey, John G Brainard, William M Duane, Michael J O'Malley, Robert S. Philpott
  • Patent number: 8875263
    Abstract: A technique controls a soft token running within an electronic apparatus. The technique involves providing an initial series of authentication codes based on a first set of machine states. The initial series of authentication codes is provided from the electronic apparatus to a server through a forward channel to authenticate a user. The technique further involves receiving a command from the server through a reverse channel between the electronic apparatus and the server. The reverse channel provides communications in a direction opposite to that of the forward channel. The technique further involves changing the first set of machine states to a second set of machine states in response to the command, and providing a new series of authentication codes based on the second set of machine states. The new series of authentication codes is provided from the electronic apparatus to the server through the forward channel for user authentication.
    Type: Grant
    Filed: March 29, 2012
    Date of Patent: October 28, 2014
    Assignee: EMC Corporation
    Inventors: Marten van Dijk, Kevin D. Bowers, John G. Brainard, Samuel Curry, Sean P. Doyle, Michael J. O'Malley, Nikolaos Triandopoulos
  • Patent number: 8850538
    Abstract: A method, system, and apparatus for agile generation of one time passcodes (OTPs) in a security environment, the security environment having a token generator comprising a token generator algorithm and a validator, the method comprising generating an OTP at the token generator according to a variance technique; wherein the variance technique is selected from a set of variance techniques, receiving the OTP at a validator, determining, at the validator, the variance technique used by the token generator to generate the OTP, and determining whether to validate the OTP based on the OTP and variance technique.
    Type: Grant
    Filed: October 21, 2013
    Date of Patent: September 30, 2014
    Assignee: EMC Corporation
    Inventors: Daniel Bailey Vernon, John G Brainard, William M Duane, Michael J O'Malley, Robert S Philpott
  • Patent number: 8699715
    Abstract: A first cryptographic device is configured to store secret information that is refreshed in each of a plurality of epochs. The first cryptographic device receives an epoch control signal, and adjusts at least one epoch responsive to the received epoch control signal. Refreshed secret information associated with an adjusted epoch is utilized to authenticate the first cryptographic device to at least a second cryptographic device, where the second cryptographic device and one or more additional cryptographic devices store respective portions of the secret information in a distributed manner. By way of example, the epoch control signal may comprise an epoch advance signal directing that the first cryptographic device advance from a current one of the epochs to a subsequent one of the epochs. In an illustrative embodiment, the first cryptographic device comprises an authentication token and the second cryptographic device comprises an authentication server.
    Type: Grant
    Filed: March 27, 2012
    Date of Patent: April 15, 2014
    Assignee: EMC Corporation
    Inventors: Ari Juels, John G. Brainard, Robert Damon Hopley
  • Patent number: 8631475
    Abstract: A method is used in ordering inputs for order dependent processing. Ordered inputs are derived from original inputs. The ordered inputs have an order based on values of the original inputs. Order dependent processing logic is applied to the ordered inputs, to produce a result that is derived from the original inputs.
    Type: Grant
    Filed: December 21, 2011
    Date of Patent: January 14, 2014
    Assignee: EMC Corporation
    Inventors: Michael J. O'Malley, John G. Brainard
  • Patent number: 8607045
    Abstract: In a system comprising a transient storage device (TSD) or other type of peripheral configured for communication with a host device, a first one-time password or other type of code is generated in the peripheral and transmitted to the host device. The first code is presented by the host device to an authentication server for authentication. The host device receives a second one-time password or other type of code from the authentication server and transmits it to the peripheral for authentication.
    Type: Grant
    Filed: September 11, 2006
    Date of Patent: December 10, 2013
    Assignee: EMC Corporation
    Inventors: Daniel Vernon Bailey, John G. Brainard, Burton S. Kaliski, Jr., Michael Szydlo
  • Publication number: 20130322622
    Abstract: In one aspect, a method comprises the steps of deriving a base point on an elliptic curve in a first processing device, generating authentication information in the first processing device utilizing the base point and a private key of the first processing device, and transmitting the authentication information from the first processing device to a second processing device. The base point on the elliptic curve may be derived, for example, by applying a one-way function to a current time value, or by computation based on a message to be signed.
    Type: Application
    Filed: August 7, 2013
    Publication date: December 5, 2013
    Applicant: EMC Corporation
    Inventors: Daniel Vernon Bailey, John G. Brainard, Ari Juels, Burton S. Kaliski, Jr.
  • Patent number: 8566916
    Abstract: A method, system, and apparatus for agile generation of one time passcodes (OTPs) in a security environment, the security environment having a token generator comprising a token generator algorithm and a validator, the method comprising generating an OTP at the token generator according to a variance technique; wherein the variance technique is selected from a set of variance techniques, receiving the OTP at a validator, determining, at the validator, the variance technique used by the token generator to generate the OTP, and determining whether to validate the OTP based on the OTP and variance technique.
    Type: Grant
    Filed: October 30, 2012
    Date of Patent: October 22, 2013
    Assignee: EMC Corporation
    Inventors: Daniel Bailey Vernon, John G Brainard, William M Duane, Michael J O'Malley, Robert S Philpott
  • Patent number: 8495372
    Abstract: In one aspect, a first processing device, which may be an authentication token, establishes a shared key through a pairing protocol carried out between the first processing device and a second processing device. The pairing protocol also involves communication between the second processing device and an authentication server. As part of the pairing protocol, the first processing device sends identifying information to the second processing device, and the second processing device utilizes the identifying information to obtain the shared key from the authentication server. The first processing device encrypts authentication information utilizing the shared key, and transmits the encrypted authentication information from the first processing device to the second processing device. The second processing device utilizes the shared key to decrypt the encrypted authentication information.
    Type: Grant
    Filed: November 13, 2007
    Date of Patent: July 23, 2013
    Assignee: EMC Corporation
    Inventors: Daniel Vernon Bailey, John G. Brainard, Ari Juels, Burton S. Kaliski, Jr.
  • Patent number: 8438617
    Abstract: An authentication server authenticates a first user, and generates a voucher code that is provided to the authenticated first user. The first user may provide the voucher code to a second user, responsive to a request by the second user for the first user to vouch for the second user, to thereby allow the second user to be authenticated. The authentication server receives the voucher code from the second user, and authenticates the second user based on the voucher code. The authenticated second user may be provided with a temporary password or other type of code utilizable for at least one additional authentication.
    Type: Grant
    Filed: October 29, 2007
    Date of Patent: May 7, 2013
    Assignee: EMC Corporation
    Inventors: John G. Brainard, Ari Juels, Ronald L. Rivest, Michael Szydlo
  • Patent number: 8312519
    Abstract: A method, system, and apparatus for agile generation of one time passcodes (OTPs) in a security environment, the security environment having a token generator comprising a token generator algorithm and a validator, the method comprising generating an OTP at the token generator according to a variance technique; wherein the variance technique is selected from a set of variance techniques, receiving the OTP at a validator, determining, at the validator, the variance technique used by the token generator to generate the OTP, and determining whether to validate the OTP based on the OTP and variance technique.
    Type: Grant
    Filed: September 30, 2010
    Date of Patent: November 13, 2012
    Inventors: Daniel V Bailey, John G. Brainard, William M. Duane, Michael J. O'Malley, Robert S. Phipott
  • Publication number: 20090113530
    Abstract: An authentication server authenticates a first user, and generates a voucher code that is provided to the authenticated first user. The first user may provide the voucher code to a second user, responsive to a request by the second user for the first user to vouch for the second user, to thereby allow the second user to be authenticated. The authentication server receives the voucher code from the second user, and authenticates the second user based on the voucher code. The authenticated second user may be provided with a temporary password or other type of code utilizable for at least one additional authentication.
    Type: Application
    Filed: October 29, 2007
    Publication date: April 30, 2009
    Inventors: John G. Brainard, Ari Juels, Ronald L. Rivest, Michael Szydlo
  • Patent number: 7502467
    Abstract: In one embodiment of a user authentication system and method according to the invention, a device shares a secret, referred to as a master seed, with a server. The device and the server both derive one or more secrets, referred to as verifier seeds, from the master seed, using a key derivation function. The server shares a verifier seed with one or more verifiers. The device, or an entity using the device, can authenticate with one of the verifiers using the appropriate verifier seed. In this way, the device and the verifier can share a secret, the verifier seed for that verifier, without that verifier knowing the master seed, or any other verifier seeds. Thus, the device need only store the one master seed, have access to the information necessary to correctly derive the appropriate seed, and have seed derivation capability. A verifier cannot compromise the master seed, because the verifier does not have access to the master seed.
    Type: Grant
    Filed: November 2, 2005
    Date of Patent: March 10, 2009
    Assignee: RSA Security Inc.
    Inventors: John G. Brainard, Burton S. Kaliski, Jr., Magnus Nyström, Ronald L. Rivest
  • Patent number: 7363494
    Abstract: A time-based method for generating an authentication code associated with an entity uses an authentication code generated from a secret, a dynamic, time-varying variable, and the number of previous authentication code generations within the particular time interval. Other information such as a personal identification number (PIN) and a verifier identifier can also be combined into the authentication code.
    Type: Grant
    Filed: December 4, 2001
    Date of Patent: April 22, 2008
    Assignee: RSA Security Inc.
    Inventors: John G. Brainard, Burton S. Kaliski, Jr., Ronald L. Rivest