View All Documents & Correspondence
User Authentication
Abstract: Method and system for user authentication are described. The method comprises receiving an authentication code from an application server (108) seeking authentication of the user. Further, a private key of the user is computed in real time based on a user identity (ID) of the user and a master secret key of the PKG. The method further comprises, ascertaining a verification code based on the private key of the user and a verification timestamp, wherein the verification timestamp indicates a time at which the ascertaining of the verification code was initiated. Further, the authentication code is compared with the verification code. Further, the method comprises authenticating the user based on the comparison.
Notices, Deadlines & Correspondence
Patent Information
Applicants
TATA CONSULTANCY SERVICES LIMITED
Inventors
1. ALASINGARA BHATTACHAR, Rajan Mindigal
2. LOKAMATHE, Shivraj Vijayshankar
3. ADIGA, Barkur Suryanarayana
4. PURUSHOTHAMAN, Balamuralidhar
5. CHAMARTY, Sitaram Venkata
Specification
CLIAMS:1. A computer implemented method for authenticating a user, wherein the method comprises:
receiving, by a private key generator (PKG) (110), an authentication code from an application server (108) seeking authentication of the user;
computing, by the PKG (110), a private key of the user in real time based on a user identity (ID) of the user and a master secret key of the PKG (110);
ascertaining, by the PKG (110), a verification code based on the private key of the user and a verification timestamp, wherein the verification timestamp indicates a time at which the ascertaining of the verification code was initiated;
comparing, by the PKG (110), the authentication code with the verification code; and
authenticating, by the PKG (110), the user based on the comparison.
2. The method as claimed in claim 1, wherein the method further comprises receiving the user ID of the user from the application server (108).
3. The method as claimed in claim 1, wherein the computing comprises:
obtaining a public key of the user based on the user ID; and
performing a scalar multiplication between the public key and the master secret key of the PKG, wherein the master secret key is a random integer selected from within a range of one to one less than a prime number(p).
4. The method as claimed in claim 3, wherein the public key of the user is a point on a super-singular elliptic curve, and wherein the super-singular elliptic curve is determined based on the prime number, and wherein the prime number (p) is based on a first variable (c) and Nth power of two, wherein N is an integer, and wherein base two logarithm of the first variable (c) has a minimum value greater than zero and a maximum value equal to half the value of the N given by the equation log2c = (1/2)N, and wherein the prime number (p) is congruent to 3 (mod 4), and wherein bit length of the prime number (p) is of at least 512 bits.
5. The method as claimed in any of the preceding claims, wherein the ascertaining comprises performing a scalar multiplication between the private key of the user and the verification timestamp.
6. The method as claimed in claim 1, wherein the method further comprises:
generating, by the PKG (110), a one time password (OTP) based on the private key of the user and a OTP timestamp, wherein the OTP timestamp indicates a time at which the generation of the OTP was initiated, and wherein the OTP is the authentication code; and
transmitting, by the PKG (110), the OTP to a user device (102) of the user for authentication of the user.
7. A private key generator (110) comprising:
a processor (114);
a communication module (124) coupled to the processor (114) to receive an authentication code from an application server seeking authentication of a user;
a key generation module (126) coupled to the processor (114) to compute a private key of the user in real time based on a user identity (ID) of the user and a master secret key of the private key generator (110);
a code generation module (128) coupled to the processor (114) to ascertain a verification code based on the private key of the user and a verification timestamp, wherein the verification timestamp indicates a time at which the ascertaining of the verification code was initiated; and
an authentication module (130) coupled to the processor (114) to,
compare the authentication code with the verification code; and
authenticate the user based on the comparison.
8. The private key generator (110) as claimed in claim 7, wherein the communication module (124) further receives the user ID
9. The private key generator (110) as claimed in claim 7, wherein the key generation module (126) further performs a scalar multiplication between a public key of the user and the master secret key of the private key generator (110), wherein the public key of the user is obtained based on the user ID.
10. The private key generator (110) as claimed in claim 7, wherein the code generation module (128) further performs a scalar multiplication between the private key of the user and the verification timestamp.
11. The private key generator (110) as claimed in any one of the claims 9 to10, wherein the public key of the user is a point on a super-singular elliptic curve, and wherein the super-singular elliptic curve is determined based on a prime number, and wherein the prime number is based on a first variable (c) and Nth power of two, wherein N is an integer, and wherein base two logarithm of the first variable (c) has a minimum value greater than zero and a maximum value equal to half the value of the N given by the equation log2c = (1/2)N, and wherein the prime number (p) is congruent to 3 (mod 4), and wherein bit length of the prime number (p) is of at least 512 bits.
12. The private key generator (110) as claimed in claim 7, wherein the code generation module (128) further generates a one time password (OTP) for authentication of the user based on the private key of the user and an OTP timestamp, wherein the OTP timestamp indicates a time at which the generation of the OTP was initiated, and wherein the OTP is the authentication code.
13. The private key generator (110) as claimed in claim 12, wherein the communication module (124) further transmits the OTP to a user device (102) of the user.
14. A computer-readable medium having embodied thereon a computer program for user authentication, the method comprising:
receiving an authentication code from an application server (108) seeking authentication of the user;
computing a private key of the user in real time based on a user identity (ID) of the user and a master secret key of a private key generator (PKG);
ascertaining a verification code based on the private key of the user and a verification timestamp, wherein the verification timestamp indicates a time at which the ascertaining of the verification code was initiated;
comparing the authentication code with the verification code; and
authenticating the user based on the comparison.
,TagSPECI:As Attached
Documents
Application Documents
| # | Name | Date |
|---|---|---|
| 1 | 771-MUM-2014-Request For Certified Copy-Online(18-03-2015).pdf | 2015-03-18 |
| 2 | SPECIFICATION.pdf | 2018-08-11 |
| 3 | PD011837IN-SC_Request for Priority Documents-PCT.pdf | 2018-08-11 |
| 4 | FORM 5.pdf | 2018-08-11 |
| 5 | FORM 3.pdf | 2018-08-11 |
| 6 | FIGURES.pdf | 2018-08-11 |
| 7 | ABSTRACT1.jpg | 2018-08-11 |
| 8 | 771-MUM-2014-Power of Attorney-130215.pdf | 2018-08-11 |
| 9 | 771-MUM-2014-FORM 18.pdf | 2018-08-11 |
| 10 | 771-MUM-2014-FORM 1(1-4-2014).pdf | 2018-08-11 |
| 11 | 771-MUM-2014-Correspondence-130215.pdf | 2018-08-11 |
| 12 | 771-MUM-2014-CORRESPONDENCE(1-4-2014).pdf | 2018-08-11 |
| 13 | 771-MUM-2014-FER.pdf | 2019-01-08 |
| 14 | 771-MUM-2014-Information under section 8(2) (MANDATORY) [03-07-2019(online)].pdf | 2019-07-03 |
| 15 | 771-MUM-2014-FORM 3 [03-07-2019(online)].pdf | 2019-07-03 |
| 16 | 771-MUM-2014-OTHERS [08-07-2019(online)].pdf | 2019-07-08 |
| 17 | 771-MUM-2014-FER_SER_REPLY [08-07-2019(online)].pdf | 2019-07-08 |
| 18 | 771-MUM-2014-DRAWING [08-07-2019(online)].pdf | 2019-07-08 |
| 19 | 771-MUM-2014-COMPLETE SPECIFICATION [08-07-2019(online)].pdf | 2019-07-08 |
| 20 | 771-MUM-2014-CLAIMS [08-07-2019(online)].pdf | 2019-07-08 |
| 21 | 771-MUM-2014-ABSTRACT [08-07-2019(online)].pdf | 2019-07-08 |
| 22 | 771-MUM-2014-Correspondence to notify the Controller [07-01-2021(online)].pdf | 2021-01-07 |
| 23 | 771-MUM-2014-Written submissions and relevant documents [25-01-2021(online)].pdf | 2021-01-25 |
| 24 | 771-MUM-2014-US(14)-HearingNotice-(HearingDate-11-01-2021).pdf | 2021-10-03 |
| 25 | 771-MUM-2014-US(14)-ExtendedHearingNotice-(HearingDate-15-01-2021).pdf | 2021-10-03 |
| 26 | 771-MUM-2014-PatentCertificate09-03-2022.pdf | 2022-03-09 |
| 27 | 771-MUM-2014-IntimationOfGrant09-03-2022.pdf | 2022-03-09 |
| 28 | 771-MUM-2014-RELEVANT DOCUMENTS [26-09-2023(online)].pdf | 2023-09-26 |
Search Strategy
| 1 | SEARCHSTRATEGYFOR771_08-01-2019.pdf |