Method and apparatus for distributing shares of a password for use in multi-server password authentication
First Claim
1. A method for providing information representative of a password from a client to a plurality of servers, the method performed in preparation for subsequent password authentication of the password by one or more of the plurality of servers, each of the plurality of servers having a share of a secret key, the secret key having a public key associated therewith, the method performed by the client and comprising the steps of:
- generating an encryption of a function of the password, the encryption based on the public key; and
communicating the encryption to each server in said plurality of servers for use in said subsequent password authentication.
8 Assignments
0 Petitions
Accused Products
Abstract
A method for distributing a password amongst a plurality of servers for subsequent use in a provably secure multi-server threshold password authentication process. A client, having a password to be authenticated by a plurality of servers, generates an encryption of a function of the password. Then, this encryption is provided to each of the servers for use in subsequent password authentication. In accordance with one illustrative embodiment of the invention, the encryption is of an ElGamal ciphertext of the function g(πC)
24 Citations
10 Claims
-
1. A method for providing information representative of a password from a client to a plurality of servers, the method performed in preparation for subsequent password authentication of the password by one or more of the plurality of servers, each of the plurality of servers having a share of a secret key, the secret key having a public key associated therewith, the method performed by the client and comprising the steps of:
-
generating an encryption of a function of the password, the encryption based on the public key; and
communicating the encryption to each server in said plurality of servers for use in said subsequent password authentication. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for storing information representative of a password, the method performed in preparation for subsequent password authentication between a client and a plurality of servers, each of the plurality of servers having a share of a secret key, the secret key having a public key associated therewith, the method performed by one of said servers and comprising the steps of:
-
receiving from said client an encryption of a function of the password, the encryption based on the public key; and
storing said encryption for use in said subsequent password authentication. - View Dependent Claims (7, 8, 9, 10)
-
Specification