US Patent:
20080184029, Jul 31, 2008
Inventors:
John B. Sims - Littleton CO, US
Jeffrey W. Calog - Morrison CO, US
International Classification:
H04L 9/00
Abstract:
A method and system for authenticating the identity of a client device that is calling a remotely located server over a network. A client device inputs information pertaining to a hardware characteristic and a network address thereof into a cryptographic hash function stored on the client device. The hash function computes a unique registration ID hash code and presents it to the system server during a registration process. The system server then generates a digital certificate having a system-side key (i.e., public key). A client-side key (i.e., private key) is provided to the client device. For all future calls to the system server, the client device re-computes its registration ID hash code and then digitally signs it using its client-side key. The system server then uses its system-side key to examine the digitally signed registration ID hash code to authenticate the identity of the client device. Since the registration ID hash code is not stored on the client device, but rather re-computed each time the client device makes a call to the system server, a high degree of security is achieved.