US 11,757,864 B1
Certificate authentication
Darshak Thakore, Broomfield, CO (US); Stuart Hoggan, Longmont, CO (US); Dave Belt, Morrison, CO (US); and Amol Bhagwat, Louisville, CO (US)
Assigned to Cable Television Laboratories, Inc., Louisville, CO (US)
Filed by Cable Television Laboratories, Inc., Louisville, CO (US)
Filed on Feb. 2, 2021, as Appl. No. 17/165,065.
Application 17/165,065 is a continuation of application No. 15/942,825, filed on Apr. 2, 2018, granted, now 10,911,435.
Application 15/942,825 is a continuation of application No. 14/953,543, filed on Nov. 30, 2015, granted, now 9,935,938, issued on Apr. 3, 2018.
Application 14/953,543 is a continuation of application No. 13/798,290, filed on Mar. 13, 2013, granted, now 9,203,832, issued on Dec. 1, 2015.
Claims priority of provisional application 61/778,187, filed on Mar. 12, 2013.
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 9/08 (2006.01)
CPC H04L 63/0823 (2013.01) [H04L 63/029 (2013.01); H04L 63/0428 (2013.01); H04L 63/06 (2013.01); H04L 63/0869 (2013.01); H04L 63/12 (2013.01); H04L 63/166 (2013.01); H04L 9/0841 (2013.01)]
11 Claims
 
1. A method of certificate authenticating comprising:
generating a nonce at a server operating independently of a first device and a second device, the nonce being previously unknown to the first and second devices;
encrypting the nonce at the server using a private key associated with the first device;
transmitting a first message from the server to the first device in response to the server receiving an authentication request from the first device, the first message including the nonce as encrypted by the server using the private key associated with the first device;
processing at the server a second message received from the first device in response to the first message, the second message including a certificate associated with the first device and the nonce as decrypted by the first device;
transmitting a token from the server to the first device when the certificate is verified, the token being sufficient for authenticating the first device to the second device; and
using a public key of the first device at the server to decrypt an encrypted portion of the second message in order to recover the certificate and the nonce therefrom, the first device encrypting the certificate and the nonce within the encrypted portion using the private key.