Methods and systems for user authentication

US 10,574,648 B2
Filed: 06/14/2017
Issued: 02/25/2020
Est. Priority Date: 12/22/2016
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for accessing a web service, comprising:

generating, by a computing device, a registration request for a first user to access a web service;

generating a public/private key pair for the combination of the first user and the web service;

storing, by the computing device, the private key of the public/private key pair in a database;

sending, by the computing device, the registration request and the public key of the public/private key pair to the web service;

sending a first request for the first user to access first content from the web service;

receiving, in response to the first request, a first challenge;

resolving, by the computing device, the first challenge using the private key;

sending a first challenge response comprising the resolved first challenge, to the web service;

receiving access to the first content;

generating an encryption key from a master password for the user;

encrypting the database with the encryption key;

receiving, by the computing device, the master password; and

decrypting the database.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for passwordless authenticating of a user are provided. A first request to access a first content is received from a first user of a first device. A first challenge is sent to the first device in response to the first request. The first challenge is resolved using a first private key associated with the first user for the first content. A first response, including a resolved challenge, is received from the first device. It is determined whether the first response is an acceptable response to the first challenge. Access to the first content is granted to the first user in response determining that the first response is an acceptable response.

94 Citations

18 Claims

1. A computer-implemented method for accessing a web service, comprising:
- generating, by a computing device, a registration request for a first user to access a web service;
  
  generating a public/private key pair for the combination of the first user and the web service;
  
  storing, by the computing device, the private key of the public/private key pair in a database;
  
  sending, by the computing device, the registration request and the public key of the public/private key pair to the web service;
  
  sending a first request for the first user to access first content from the web service;
  
  receiving, in response to the first request, a first challenge;
  
  resolving, by the computing device, the first challenge using the private key;
  
  sending a first challenge response comprising the resolved first challenge, to the web service;
  
  receiving access to the first content;
  
  generating an encryption key from a master password for the user;
  
  encrypting the database with the encryption key;
  
  receiving, by the computing device, the master password; and
  
  decrypting the database.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the master password is not sent by the computing device to any other device.
  - 3. The method of claim 1, wherein the first challenge response is generated programmatically by signing the first challenge.
  - 4. The method of claim 1, further comprising receiving, by the computing device, the database from a replication server.
  - 5. The method of claim 1, wherein the public/private key pair is unique to a combination of the first user and the first content.
  - 6. The method of claim 1, further comprising creating, in response to the registration request, a user profile comprising the public key and a user identifier.

7. A system comprising:
- a memory device; and
  
  at least one processor coupled to the memory device, the at least one processor being operative to;
  
  generate a registration request for a first user to access a web service;
  
  generate a public/private key pair for the combination of the first user and the web service;
  
  store the private key of the public/private key pair in a database;
  
  send the registration request and the public key of the public/private key pair to the web service;
  
  send a first request for the first user to access first content from the web service;
  
  receive, in response to the first request, a first challenge;
  
  resolve the first challenge using the private key;
  
  send a challenge response comprising the resolved first challenge, to the web service;
  
  receive access to the first content;
  
  generate an encryption key from a master password for the user;
  
  encrypt the database with the encryption key;
  
  receive, by the computing device, the master password; and
  
  decrypt the database.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein the master password is not sent by the system to any other device.
  - 9. The system of claim 7, wherein the challenge response is generated programmatically by signing the first challenge.
  - 10. The system of claim 7, further wherein the database is received from a replication server.
  - 11. The system of claim 7, wherein the public/private key pair is unique to a combination of the first user and the first content.
  - 12. The system of claim 7, wherein the processing device is operative to create, in response to the registration request, a user profile comprising the public key and a user identifier.

13. A method comprising:
- generating a first registration request for a first user to access a web service;
  
  generating a first public/private key pair for the combination of the first user and the web service;
  
  storing a first private key of the first public/private key pair in a database;
  
  sending the registration request and a first public key of the first public/private key pair to the web service;
  
  sending a first request for the first user to access first content from the web service;
  
  receiving, in response to the first request, a first challenge;
  
  resolving the first challenge using the first private key;
  
  sending a first challenge response comprising the resolved first challenge, to the web service;
  
  receiving access to the first content;
  
  generating a second registration request for the first user to access a second web service;
  
  generating a second public/private key pair, including a second private key and a second public key, for the combination of the first user and the second web service;
  
  storing the second private key in the database;
  
  sending the second registration request and the second public key to the second web service;
  
  sending a second request for the first user to access second content from the second web service;
  
  receiving, in response to the second request, a second challenge;
  
  resolving the second challenge using the second private key;
  
  sending a second challenge response comprising the resolved second challenge to the second web service; and
  
  receiving, by the computing device, access to the second content.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The method of claim 13, wherein the master password is not sent to any other device.
  - 15. The method of claim 13, wherein the first challenge response and the second challenge response are generated programmatically by signing the first challenge and the second challenge respectively.
  - 16. The method of claim 13, wherein the first public/private key pair is unique to a combination of the first user and the first content.
  - 17. The method of claim 13, further comprising receiving the database from a replication server.
  - 18. The method of claim 13, further comprising creating, in response to the first registration request, a user profile comprising the first public key and a user identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dashlane SAS
Original Assignee
Dashlane SAS
Inventors
Guillory, Thomas, Maron, Guillaume, Rivain, Frederic, Fogel, Alexis
Primary Examiner(s)
Rahman, Mahfuzur

Application Number

US15/622,821
Publication Number

US 20180183777A1
Time in Patent Office

986 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/083   using passwords cryptograph...

H04L 9/3271   using challenge-response

Methods and systems for user authentication

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

94 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for user authentication

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

94 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links