Secure remote user authentication leveraging public key cryptography and key splitting

US 10,411,907 B2
Filed: 01/25/2017
Issued: 09/10/2019
Est. Priority Date: 01/25/2017
Status: Active Grant

First Claim

Patent Images

1. An electronic user authentication method comprising the steps of:

receiving a login request at an information system, wherein the login request is received over a network from a registered remote user device;

based on the login request, identifying a public key associated with a user;

generating a random challenge;

encrypting the challenge using the public key to form an encrypted challenge;

providing the encrypted challenge to the remote user device;

accessing a fragment of a private key, wherein the private key is associated with the identified public key as an asymmetric cryptographic key pair;

partially decrypting the encrypted challenge using the fragment of the private key to form a first result;

providing the first result to the remote user device;

receiving a reply message from the remote user device, the reply message including a token authenticator value that demonstrates that the challenge was successfully decrypted; and

responsive to a determination that the challenge was successfully decrypted, permitting the requested login to the information system.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An ID service on an app server interacts with a corresponding identity app installed on a user device such as a smart phone. At setup, the ID service receives the user'"'"'s public key and only a segment of the corresponding private key. A special challenge message is created and partially decrypted using the private key segment on the server side, and then decryption is completed on the client app using the remaining segment(s) of the private key to recover the challenge. A token authenticator based on the result of the decryption is sent back to the identity service, for it to verify validity of the result and, if it is valid, enable secure login without requiring a password.

Citations

26 Claims

1. An electronic user authentication method comprising the steps of:
- receiving a login request at an information system, wherein the login request is received over a network from a registered remote user device;
  
  based on the login request, identifying a public key associated with a user;
  
  generating a random challenge;
  
  encrypting the challenge using the public key to form an encrypted challenge;
  
  providing the encrypted challenge to the remote user device;
  
  accessing a fragment of a private key, wherein the private key is associated with the identified public key as an asymmetric cryptographic key pair;
  
  partially decrypting the encrypted challenge using the fragment of the private key to form a first result;
  
  providing the first result to the remote user device;
  
  receiving a reply message from the remote user device, the reply message including a token authenticator value that demonstrates that the challenge was successfully decrypted; and
  
  responsive to a determination that the challenge was successfully decrypted, permitting the requested login to the information system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 and further comprising:
    - storing a timestamp associated with the challenge;
      
      after receiving the reply message, comparing a current time to the timestamp; and
      
      based on the comparison, denying the requested login in a case that an elapsed time measured from the timestamp associated with the challenge to receiving the reply message exceeds a predetermined time to live associated with the challenge.
  - 3. The method of claim 2 wherein the time to live associated with the challenge is less than a predetermined time.
  - 4. The method of claim 1 wherein the token authenticator value is based at least in part on the decrypted challenge, and the step of determining whether the challenge was successfully decrypted comprises analysis of the token authenticator value.
  - 5. The method of claim 1 and further comprising:
    - responsive to permitting login to the information system, recording first session information associated with the permitted login;
      
      detecting a second permitted login that commenced a second session while the first session is active;
      
      recording second session information associated with the second session;
      
      determining whether a user associated with the second session is the same as the user associated with the first session;
      
      responsive to the same user having the first and second sessions active concurrently, analyzing the respective session information of the first and second sessions;
      
      based on the analysis, if malicious activity is detected, selecting one of the first and second sessions for termination; and
      
      terminating the selected session.
  - 6. The method of claim 5 wherein:
    - the first and second session information each includes metadata that identifies the remote user device or user agent that generated the corresponding login request, and the analyzing step is based at least in part on comparing the respective metadata of the first and second session information.
  - 7. The method of claim 5 wherein:
    - the metadata for each session includes a fingerprint of a user agent that generated the corresponding login request.
  - 8. The method of claim 5 wherein:
    - the first and second session information each includes an indication of a corresponding geographic location of the remote user device; and
      
      the analysis is based at least in part on the respective geographic locations of the user devices.

9. A method comprising:
- in a client device—
  
  acquiring an asymmetric key consisting of a public key and a private key;
  
  associating the public key and the private key with a user of the client device;
  
  splitting the private key into plural private key fragments, so that a sum of the plural private key fragments equals the private key, wherein the private key is split into three fragments, a first one of the three fragments is secured on the client device, a second one of the three fragments is stored outside of the client device; and
  
  a third one of the three fragments is provided to the identity service;
  
  andregistering the user with an identity service;
  
  wherein registering the user includes providing the public key, and the plural private key fragment(s) excluding the at least one of the private key fragments secured on the client device, to the identity service for use in securely authenticating the user.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 10. The method of claim 9 wherein:
    - the private key is split into two fragments;
      
      one of the two fragments is secured on the client device; and
      
      the other one of the two fragments is provided to the identity service.
  - 11. The method of claim 10 wherein the first fragment equals a user PIN.
  - 12. The method of claim 10 and further comprising securely storing the second fragment in the client device.
  - 13. The method of claim 10 and further comprising the steps of, in the client device:
    - receiving an encrypted challenge from the identity service, the challenge encrypted using the public key;
      
      receiving a partial result from the identity service, the partial result based on partial decryption of the encrypted challenge using the third fragment of the private key;
      
      partially decrypting the encrypted challenge using the first fragment of the private key to form a first result;
      
      partially decrypting the encrypted challenge using the second fragment of the private key to form a second result;
      
      multiplying the first result times the second result times the partial result to form a product;
      
      apply a modulus function to the product, the modulus equal to the modulus of the encryption key, to complete decryption of the challenge and thereby recover the challenge;
      
      sending a message based on the recovered challenge to the identity service to demonstrate decryption of the challenge.
  - 14. The method of claim 10 and further comprising the steps of, in the client device:
    - generating a token authenticator value based on the recovered challenge; and
      
      sending the token authenticator value in the message to the identity service.
  - 15. The method of claim 14 wherein generating the token authenticator value includes processing the challenge to create a secure key based on the challenge that has a smaller size than the challenge.
  - 16. The method of claim 14 wherein generating the token authenticator value includes generating a predetermined cryptographic [one-way] hash function of the challenge, and using the hash function as the token authenticator value to send in the reply message.
  - 17. The method of claim 14 wherein generating the token authenticator value includes generating a key derivation function of the challenge.
  - 18. The method of claim 9 including, in the client device:
    - receiving a PIN input by a user interface, the PIN associated with the private key;
      
      calculating a first private key fragment based on the PIN;
      
      subtracting the first fragment from the private key to form a difference;
      
      randomly selecting a non-zero portion of the difference to form a second fragment;
      
      subtracting the first fragment and the second fragment from the private key to form a third fragment, so that a sum of the first, second and third fragments equals the private key; and
      
      sending the third fragment to the identity service as the said one of the key fragments not including the first key fragment.
  - 19. The method of claim 9 and further comprising:
    - launching a browser in a computer, and operating the browser to communicate over a network with an information system;
      
      in the browser, requesting a login to the information system;
      
      in the browser, receiving an encoded challenge and receiving an encoded partial decryption result related to the challenge, over the network from the information system;
      
      in the browser, generating an optical, machine-readable code representation of the encoded challenge and the encoded partial decryption result;
      
      in the browser, displaying the optical, machine-readable code representation on a display screen coupled to the computer;
      
      in the client device, acquiring the optical, machine-readable code representation from the display screen;
      
      in the client device, processing the optical, machine-readable code representation to recover the challenge and the partial decryption result;
      
      in the client device, decrypting the challenge using the partial decryption result and the at least one private key fragment stored on the client device;
      
      in the client device, generating a token authenticator value based on the challenge, and displaying the token authenticator value on a display screen of the client device;
      
      in the computer, receiving an input to the browser comprising the token authenticator value displayed on the client device; and
      
      in the browser, transmitting the token authenticator value to the information system.
  - 20. The method of claim 19 wherein the optical, machine-readable code comprises a QR code.

21. A network-based information system, comprising:
- an application server;
  
  a user identity service operable on the application server to manage user access to the information system;
  
  a datastore accessible to the identity service, the datastore storing, for at least one user, a public key and a fragment of a private key associated with the public key; and
  
  a client application executable on a client machine, the client application configured for communication with the user identity service over a network;
  
  wherein the identity service is configured to—
  
  receive a login request from the client application;
  
  responsive to the login request, generate a random challenge;
  
  encrypt the challenge using the public key to form an encrypted challenge;
  
  partially decrypt the encrypted challenge to form a partial result;
  
  transmit the encrypted challenge and the partial result to the client application;
  
  receive a reply from the client application;
  
  check the reply to determine whether the challenge was correctly decrypted; and
  
  conditioned on a determination that the challenge was correctly decrypted, permitting the requested login of the user to the information system.
- View Dependent Claims (22)
- - 22. The system of claim 21 wherein the reply comprises a token authenticator.

23. A non-transitory computer readable medium storing instructions executable by a processor to cause the processor to:
- receive a login request at a database system, wherein the login request isreceived over a network from a registered remote user device;
  
  based on the login attempt, identify a public key associated with a user;
  
  generate a random challenge;
  
  encrypt the challenge using the public key to form an encrypted challenge;
  
  transmit the encrypted challenge to the remote user device;
  
  access a fragment of a private key associated with the identified public key;
  
  partially decrypt the encrypted challenge using the fragment to form a first result;
  
  transmit the first result to the remote user device;
  
  receive a reply message from the remote user device;
  
  based on the reply message, determine whether the encrypted challenge was successfully decrypted; and
  
  responsive to a determination that the challenge was successfully decrypted, permit the requested login to the database system without requiring a password.
- View Dependent Claims (24, 25, 26)
- - 24. The non-transitory computer readable medium of claim 23 wherein the reply message includes a token authenticator that is based at least in part on the decrypted challenge, and determining whether the challenge was successfully decrypted comprises analysis of the token authenticator.
  - 25. The non-transitory computer readable medium of claim 23 wherein the stored instructions further cause the processor to:
    - responsive to permitting login to the database system, record first session information associated with the permitted login;
      
      detect a second permitted login that commenced a second session while the first session is active;
      
      record second session information associated with the second session;
      
      determine whether a user associated with the second session is the same as the user associated with the first session;
      
      responsive to the same user having the first and second sessions active concurrently, analyze the respective session information of the first and second sessions;
      
      based on the analysis, execute a predetermined action with respect to zero or one of the first and second sessions.
  - 26. The non-transitory computer readable medium of claim 23 wherein:
    - the first and second session information each includes an indication of a corresponding geographic location of a corresponding remote user device; and
      
      the analysis is based at least in part on the respective geographic locations of the user devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Peddada, Prasad, Elgamal, Taher
Primary Examiner(s)
Gee, Jason K
Assistant Examiner(s)
Almamun, Abdullah

Application Number

US15/415,451
Publication Number

US 20180212785A1
Time in Patent Office

958 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 63/0442   wherein the sending and rec...

H04L 9/085   Secret sharing or secret sp...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3271   using challenge-response

H04L 9/3297   involving time stamps, e.g....

H04W 12/069   using certificates or pre-s...

Secure remote user authentication leveraging public key cryptography and key splitting

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Secure remote user authentication leveraging public key cryptography and key splitting

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links