User authentication based on asymmetric cryptography utilizing RSA with personalized secret
Abstract
A method for authenticating a user to a computer system is disclosed, comprising using a first input and a second input in producing a digital signature in response to a challenge. The digital signature is valid when the first input matches a personalized secret and the second input matches a trio comprising a public modulus, a public exponent, and a private-key-dependent exponent. Selection of the personalized secret is discretionary and changeable. A crypto-key generation process uses the personalized secret and two primes as input to produce the trio. The public modulus and public exponent of the trio form a public key used in digital signature validation. Also disclosed is a business method that replaces the conventional public-key certificate with an agreement on the user's public key.
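The flow in the abstract, as an added Python example that is not the patent's own code. The page does not say how the secret and the private-key-dependent exponent combine, so the additive split d = H(secret) + x (mod phi) is an assumption, as are the function names and the constructed toy primes.

```python
import hashlib

# Constructed toy parameters: two Mersenne primes and e = 65537. Textbook RSA
# without padding, for illustration only.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537

def secret_exponent(secret: str) -> int:
    # Assumption: the personalized secret is hashed to an integer exponent.
    # A deployed design would use a slow, salted password KDF here.
    return int.from_bytes(hashlib.sha256(secret.encode()).digest(), "big")

def keygen(secret: str, p: int = P, q: int = Q, e: int = E):
    """Produce the trio (n, e, x) from the secret and two primes.

    Assumed split: d = secret_exponent(secret) + x (mod phi), so x alone
    is not the private key.
    """
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # raises ValueError if e is not invertible
    x = (d - secret_exponent(secret)) % phi
    return p * q, e, x

def challenge_to_int(challenge: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(challenge).digest(), "big") % n

def sign(first_input: str, trio, challenge: bytes) -> int:
    """User side: first input (secret) + second input (trio) -> signature."""
    n, _e, x = trio
    m = challenge_to_int(challenge, n)
    return pow(m, secret_exponent(first_input), n) * pow(m, x, n) % n

def verify(n: int, e: int, challenge: bytes, signature: int) -> bool:
    """System side: needs only the public key (n, e)."""
    return pow(signature, e, n) == challenge_to_int(challenge, n)

if __name__ == "__main__":
    trio = keygen("old secret")
    n, e, _ = trio
    print(verify(n, e, b"nonce-1", sign("old secret", trio, b"nonce-1")))  # True
    print(verify(n, e, b"nonce-1", sign("bad guess", trio, b"nonce-1")))   # False
    new_trio = keygen("new secret")  # same primes, so n and e are unchanged
    print(new_trio[:2] == trio[:2], new_trio[2] != trio[2])                # True True
```

With this assumed split, anyone who obtains the trio can test secret guesses offline against the public key, so x still needs protection comparable to a key file.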
69 Citations
21 Claims
1. A method for user authentication based on asymmetric cryptography, comprising:
providing a first input and a second input from a user who requests an access to a computer system;
authorizing the access when the first input matches a personalized secret and the second input matches a crypto-key authenticator comprising a public modulus, a public exponent, and a private-key-dependent exponent; and
changing the personalized secret to a new secret and updating the private-key-dependent exponent while keeping the public modulus and the public exponent unchanged.
2. The method for user authentication of claim 1 wherein the personalized secret comprises a user-chosen password.
4. The method for user authentication of claim 1 further comprising using a challenge and response process to authorize the access.
7. A method for user authentication based on asymmetric cryptography comprising:
receiving an input as a password when requesting a system access;
using the input in producing a digital signature;
using a public key in validating the digital signature; and
deciding that the input matches the password if the digital signature is validated as being valid and, as a result, authorizing the access.
10. A method for user authentication based on asymmetric cryptography comprising:
authorizing an access request by validating a digital signature; and
using a public key on a registration agreement to invalidate a digital signature falsely validated.
14. A method for user authentication based on asymmetric cryptography in a network having a plurality of system stations comprising:
allowing a user to use a password to access different system stations in the network;
allowing each system station in the network to use a respective public key in a digital signature validation for determining if the password is used; and
authorizing an access when the password is used.
17. An article comprising a machine-readable medium that stores machine-readable instructions for user authentication based on asymmetric cryptography, the instructions causing a machine to:
use a first input, a second input, and a challenge message from a computer system as input to a transformation to produce a digital signature;
send the digital signature to the computer system; and
receive an access decision, wherein the access decision, either a permission or a denial, is a result of a validation on the digital signature at the computer system.
19. A cryptosystem for user authentication comprising:
means for receiving an input as a password when requesting a system access;
means for using the input in producing a digital signature;
means for using a public key in validating the digital signature; and
means for deciding that the input matches the password if the digital signature is validated as being valid and, as a consequence, authorizing the access.
Specification