System and method for providing answers in a personal entropy system
Abstract
Computer user authentication and cryptographic key protection through the use of personal entropy (PE) is implemented using a PE answering algorithm which enables a user of a computing system to generate secret values from answers to questions previously created by the user. The questions are displayed to the user on a user interface (UI), and the user is prompted to select a subset of the questions to answer. When the user provides answers for the selected subset, an attempt is made to generate the secret value from a portion of the subset and possibly other information. If the secret value cannot be generated from at least a portion of the selected subset, the user is prompted to select a second subset of the displayed questions and provide answers to the selected second subset of questions. When the user provides answers to the second selected subset of questions, an attempt is made to generate the secret value from a portion of the first and second sets of answers and possibly other information. The hardware implementation of the PE answering algorithm has three components: the PE-controller server computer, the PE-user client controller and the PE-authentication server computer. These components are interconnected via a network. Attached to the PE-controller server is a repository of downloadable client applets, which are downloaded to the PE-user client controller and used both for creating the secret value from answers supplied by the user when creating the questions in the create PE process and, later, in the recover PE process, for generating the secret value from answers provided by the user to subsets of the previously created questions. The PE-authentication server computer maintains a central database where PE information created by PE users can be stored and subsequently accessed by the PE-controller server computer. The PE-authentication server computer also performs a user authentication service.
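The create and recover flow in the abstract, sketched as an added example that is not code from the patent. It assumes one possible construction, which the page does not specify: Shamir threshold sharing, with each share masked by a PBKDF2 stretch of one answer and a hash tag used to recognise the correct secret. All function names and parameters are hypothetical.

```python
import hashlib, hmac, secrets
from itertools import combinations

P = 2**127 - 1  # prime field for the shares (assumed parameter)

def _mask(answer: str, salt: bytes) -> int:
    # Normalise the answer, then stretch it so each guess is costly.
    norm = " ".join(answer.lower().split()).encode()
    return int.from_bytes(hashlib.pbkdf2_hmac("sha256", norm, salt, 100_000), "big") % P

def _tag(secret: int) -> bytes:
    return hashlib.sha256(b"pe-verify" + secret.to_bytes(16, "big")).digest()

def create_pe(answers: dict, threshold: int):
    """Split a fresh secret so any `threshold` correct answers recover it."""
    secret = secrets.randbelow(P)
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    record = {"threshold": threshold, "tag": _tag(secret), "shares": {}}
    for x, (question, answer) in enumerate(answers.items(), start=1):
        y = sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P
        salt = secrets.token_bytes(16)
        record["shares"][question] = (x, salt, (y + _mask(answer, salt)) % P)
    return secret, record

def _interpolate(points):
    # Lagrange interpolation at x = 0 over GF(P).
    total = 0
    for xi, yi in points:
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def try_recover(record, answers: dict):
    """Try every threshold-sized sub-portion of the answers given so far."""
    points = []
    for question, answer in answers.items():
        x, salt, masked = record["shares"][question]
        points.append((x, (masked - _mask(answer, salt)) % P))
    for subset in combinations(points, record["threshold"]):
        candidate = _interpolate(subset)
        if hmac.compare_digest(_tag(candidate), record["tag"]):
            return candidate
    return None
```

When `try_recover` returns `None`, the caller prompts for a second subset and calls it again with the merged answers. In this sketch the stored record lets anyone who obtains it test answer guesses offline, so the threshold, the stretching cost and the unpredictability of the answers carry the security.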
29 Claims
1. A method enabling a user of a computing system to generate a secret value from answers to questions previously created by the user, said method comprising the steps of:
displaying the questions previously created by the user;
prompting the user to select a first portion of the displayed questions and provide a first set of answers to the selected first portion of questions;
attempting to generate said secret value from a portion of the first set of answers and possibly other information;
if said secret value cannot be generated from at least a portion of the first set of answers and possibly other information, prompting the user to select a second portion of the displayed questions and provide a second set of answers to the selected second portion of questions; and
attempting to generate said secret value from a portion of said first and second sets of answers and possibly other information.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18

19. A method enabling a user of a computing system to generate a secret value from answers to questions previously created by the user, said method comprising the steps of:
displaying the questions previously created by the user;
prompting the user to select a first portion of the displayed questions and provide a first set of answers to the selected first portion of questions;
attempting to generate said secret value from a portion of the first set of answers and possibly other information;
prompting the user to select a second portion of the displayed questions and provide a second set of answers to the selected second portion of questions;
attempting to generate said secret value from a portion of said first and second sets of answers and possibly other information;
prompting the user to select a third portion of the displayed questions and provide a third set of answers to the selected third portion of questions, if said secret value cannot be generated from at least a portion of the first and second sets of answers and possibly other information; and
attempting to generate said secret value from a portion of said first, second, and third sets of answers and possibly other information, if said secret value cannot be generated from at least a portion of the first set of answers and possibly other information.

20. A method enabling a user of a computing system to generate a secret value from answers to questions previously created by the user, said method comprising the steps of:
displaying the questions previously created by the user;
prompting the user to select at least a portion of the displayed questions and provide answers to the selected portion of questions;
attempting to generate said secret value from a first sub-portion of the provided answers and possibly other information; and
if said secret value cannot be generated from said first sub-portion of the provided answers and possibly other information, attempting to generate said secret value from a second sub-portion of the provided answers.
Dependent claims: 21, 22, 23, 24

25. A method enabling a user of a computing system to generate a secret value from answers to questions previously created by the user, said method comprising the steps of:
displaying the questions previously created by the user;
prompting the user to select a first portion of the displayed questions and provide a first set of answers to the selected first portion of questions;
prompting the user to select a second portion of the displayed questions and provide a second set of answers to the selected second portion of questions;
attempting to generate said secret value from a portion of the first set of answers and possibly other information; and
if said secret value cannot be generated from at least a portion of the first set of answers and possibly other information, attempting to generate said secret value from a portion of the first and second sets of answers and possibly other information.
Dependent claims: 26

27. A computing system enabling a user to generate a secret value from answers to questions previously created by the user, said computing system comprising:
a user client computer, a controller computer and an authentication server computer;
a network connecting said user computer, said controller computer and said authentication server computer;
said controller computer downloading a client applet to said user client computer to begin an authentication session;
said user client computer executing the client applet to display the questions previously created by the user and prompt the user to select a first portion of the displayed questions and provide a first set of answers to the selected first portion of questions;
said authentication server computer attempting to generate said secret value from a portion of the first set of answers and possibly other information;
said user client computer responding to said authentication server computer and prompting the user to select a second portion of the displayed questions and provide a second set of answers to the selected second portion of the questions if said secret value cannot be generated from at least a portion of the first set of answers and possibly other information; and
said authentication server computer attempting to generate said secret value from a portion of said first and second sets of answers and possibly other information.
Dependent claims: 28, 29
Specification