
Secure internal user authentication leveraging public key cryptography and key splitting

  • US 10,637,658 B2
  • Filed: 03/31/2017
  • Issued: 04/28/2020
  • Est. Priority Date: 01/25/2017
  • Status: Active Grant
First Claim

1. A computer-implemented authentication method to authenticate a user to permit OS level login to a server in a computing system, comprising the steps of:

  • registering an internal user including acquiring an asymmetric encryption key pair associated with the user, the key pair consisting of a public key and a private key;

    splitting the user's private key into plural private key fragments;

    storing one of the user's private key fragments securely in a mobile device associated with the user;

    storing the user's public key and a different one of the plural private key fragments in a datastore accessible to the server;

    at the server, receiving an OS level login request;

    responsive to the login request, generating a random challenge, and transmitting the random challenge in encrypted form from the server to a security system component provisioned on a second, secure server;

    at the server, receiving from the security system component, the random challenge re-encrypted using the user's public key, and a partial decryption result generated using the user's private key fragment stored in the datastore;

    transmitting the re-encrypted challenge and the partial decryption result to the mobile device associated with the user;

    receiving a token authenticator entered at the server;

    testing validity of the token authenticator so as to demonstrate that the user who made the login request had access to the said mobile device, and that the mobile device correctly completed decryption of the challenge and generated the token authenticator based on the decrypted challenge; and

    permitting the OS level login request, conditioned on an affirmative result of the validity testing.
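
The flow of claim 1 as an added example, not code from the patent. It assumes textbook RSA with an additive split of the private exponent, toy-sized constructed primes, and a hypothetical 6-digit token derived from SHA-256 of the challenge; the claim names none of these, and the encrypted transport between the server and the security system component is left out.

```python
import hashlib, hmac, secrets

# Assumptions (not from the claim): unpadded RSA, additive exponent split,
# and toy-sized constructed primes (two Mersenne primes). Real keys are far larger.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, PHI = P * Q, (P - 1) * (Q - 1)

def register_user():
    """Split private exponent d so that d = d_store + d_mobile (mod phi)."""
    d = pow(E, -1, PHI)
    d_store = secrets.randbelow(PHI)          # fragment kept in the datastore
    return d_store, (d - d_store) % PHI       # second fragment goes to the device

def security_component(challenge, d_store):
    """Re-encrypt the challenge under the public key, then partially decrypt it."""
    c = pow(challenge, E, N)
    return c, pow(c, d_store, N)

def mobile_decrypt(c, partial, d_mobile):
    """Complete decryption on the device: partial * c^d_mobile = c^d (mod N)."""
    return (partial * pow(c, d_mobile, N)) % N

def token_from(challenge):
    """Hypothetical token authenticator: 6 digits from SHA-256 of the challenge."""
    digest = hashlib.sha256(challenge.to_bytes(32, "big")).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 10**6:06d}"

def server_verify(challenge, entered_token):
    """Server recomputes the token from its own challenge, constant-time compare."""
    return hmac.compare_digest(token_from(challenge), entered_token)

def login_round(d_store, d_mobile):
    """One login: challenge, partial decryption, device completion, validation."""
    challenge = secrets.randbelow(N - 2) + 2
    c, partial = security_component(challenge, d_store)
    token = token_from(mobile_decrypt(c, partial, d_mobile))
    return server_verify(challenge, token)

if __name__ == "__main__":
    store_frag, mobile_frag = register_user()
    print("correct device fragment:", login_round(store_frag, mobile_frag))
    print("tampered device fragment:", login_round(store_frag, mobile_frag ^ 1))
```

Neither fragment alone is the private exponent, so a copy of the datastore without the device (or the reverse) does not recover the challenge.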

  • 2 Assignments