Cloud controlled secure bluetooth pairing for network device management
US-2021044965-A1 · Feb 11, 2021 · US
Authentication using an ephemeral asymmetric keypair
US12362948B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12362948-B2 |
| Application number | US-202117915367-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 26, 2021 |
| Priority date | Apr 7, 2020 |
| Publication date | Jul 15, 2025 |
| Grant date | Jul 15, 2025 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A prover chip uses a key multiplier value generated by a proof-of-work function from a challenge value, a random number, and elliptic curve cryptography (ECC) techniques to generate a one-time (or ephemeral) use private key. Similarly, a verifier chip uses the key multiplier value generated by an equivalent proof-of-work function, a public key received from the prover, and ECC techniques to derive a one-time use public key that corresponds to the ephemeral private key generated by the prover chip. The prover chip uses the ephemeral private key to sign the second challenge value and send this signed second challenge value to the verifier chip. The verifier verifies the value it receives using the one-time use public key and if the signature on the second challenge value is valid, authenticates the prover chip to a system.
First claim
Opening claim text (preview).
What is claimed is: 1. An at-risk system component, comprising: an interface to communicate with a system when the at-risk system component is installed in the system, the interface to receive, via the system, a first challenge value; a first memory to provide a first keysplit value to an ephemeral key calculator; a proof-of-work function to, based on the first challenge value, provide a key multiplier value to the ephemeral key calculator; the ephemeral key calculator to, based on at least the first keysplit value and the key multiplier value, calculate an ephemeral key value; and public key encryption circuitry to calculate, based at least on the ephemeral key value and a second challenge value, a response value to be communicated to the system via the interface. 2. The at-risk system component of claim 1 , further comprising: a physically unclonable function to provide a second keysplit value to the ephemeral key calculator, the ephemeral key calculator to calculate the ephemeral key value further based on the second keysplit value. 3. The at-risk system component of claim 1 , further comprising: a random number generator to provide a random mask value to the ephemeral key calculator. 4. The at-risk system component of claim 3 , wherein the ephemeral key calculator is to use the random mask value to obscure the key multiplier value from potential side channel analysis attacks. 5. The at-risk system component of claim 1 , wherein the first challenge value and the second challenge value are to be equal. 6. The at-risk system component of claim 1 , wherein the proof-of-work function is to, based on the first challenge value, provide the second challenge value to the public key encryption circuitry. 7. The at-risk system component of claim 1 , wherein the ephemeral key calculator uses elliptic curve cryptography to calculate the ephemeral key value. 8. The at-risk system component of claim 1 , wherein the system is configured to be a printing system and the replaceable system component is a cartridge to be installed in the printing system. 9. A verifier integrated circuit, comprising: an interface to communicate with a system, and communicate with, via the system, a replaceable system component, the interface to communicate to the replaceable system component a first challenge value and to receive, from the replaceable system component a public key value and a response value; an ephemeral key calculator; a proof-of-work function to, based on the first challenge value, provide a key multiplier value to the ephemeral key calculator; the ephemeral key calculator to, based on at least the public key value and the key multiplier value, calculate an ephemeral public key value; and public key encryption circuitry to determine, based at least on the ephemeral public key value, the response value, and a second challenge value, whether the replaceable system component is indicated to be authentic. 10. The verifier integrated circuit of claim 9 , wherein the first challenge value and the second challenge value are to be equal. 11. The verifier integrated circuit of claim 9 , wherein the proof-of-work function is to, based on the first challenge value, provide the second challenge value to the public key encryption circuitry. 12. The verifier integrated circuit of claim 9 , wherein the ephemeral key calculator uses elliptic curve cryptography to calculate the ephemeral public key value. 13. The verifier integrated circuit of claim 9 , wherein the system is configured to be a printing system and the replaceable system component is a cartridge to be installed in the printing system. 14. A challenge-response authentication system, comprising: a prover integrated circuit that includes first proof-of work circuitry and a memory storing a first private keysplit value; a verifier integrated circuit that includes second proof-of-work circuitry, the verifier integrated circuit to communicate with the prover integrated circuit; the prover integrated circuit to receive a first challenge value transmitted by the verifier integrated circuit; the prover integrated circuit to transform the first challenge value into a second challenge value using the first proof-of-work circuitry; the verifier integrated circuit to transform the first challenge value into the second challenge value using the second proof-of-work circuitry; the prover integrated circuit to calculate an ephemeral private key value based at least in part on the second challenge value and the first private keysplit value; the verifier integrated circuit to calculate an ephemeral public key based at least in part on the second challenge value and a public key transmitted by the prover integrated circuit; the prover integrated circuit encrypting the second challenge value to generate a response value; and the verifier integrated circuit to determine an authenticity of the prover integrated circuit at least in part on a version of the response value that has been decrypted using the ephemeral public key. 15. The challenge-response authentication system of claim 14 , wherein the prover integrated circuit further includes a physically unclonable function to generate a second private key value. 16. The challenge-response authentication system of claim 15 , wherein the ephemeral private key value is to be further based on the second private key value. 17. The challenge-response authentication system of claim 14 , wherein the prover integrated circuit further generates a random mask value. 18. The challenge-response authentication system of claim 17 , wherein the random mask value is used by the prover integrated circuit to obscure calculation of the ephemeral private key value from potential side channel analysis attacks. 19. The challenge-response authentication system of claim 14 , wherein the first proof-of-work circuitry is to, based on the first challenge value, provide the second challenge value to public key encryption circuitry. 20. The challenge-response authentication system of claim 14 , wherein ephemeral private key value calculations are based at least in part on elliptic curve cryptography.
Assignees
Inventors
Classifications
using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs · CPC title
involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing · CPC title
using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates · CPC title
involving digital signatures · CPC title
involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements (network architectures or network communication protocols for supporting authentication of entities using certificates in a packet data network H04L63/0823) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12362948B2 cover?
- A prover chip uses a key multiplier value generated by a proof-of-work function from a challenge value, a random number, and elliptic curve cryptography (ECC) techniques to generate a one-time (or ephemeral) use private key. Similarly, a verifier chip uses the key multiplier value generated by an equivalent proof-of-work function, a public key received from the prover, and ECC techniques to der…
- Who is the assignee on this patent?
- Cryptography Res Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L9/3271. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jul 15 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).