Storing digital secrets in a vault

US 20070124321A1
Filed: 11/02/2005
Published: 05/31/2007
Est. Priority Date: 11/02/2005
Status: Active Grant

First Claim

Patent Images

1. A method for storing secret information in a digital vault, said method comprising:

obtaining from a user an answer to each of m different questions to generate a set of m answers, wherein m is an integer greater than or equal to 3;

identifying subsets SK of the m questions for which acceptable answers later provided by an entity will enable that entity to gain access to the secret information in the digital vault, wherein each subset SK includes a set of nK questions, wherein K is an integer identifying the subset and each nK is an integer that is less than m, wherein at least one subset SK has at least two elements; and

for each subset of questions, S_K;

(a) generating a string T_Kfrom the obtained answers for that subset of questions S_K;

(b) mathematically combining a value derived from the string, TK, with the secret information to generate a result, FK, that hides the secret information; and

(c) storing FK, wherein the digital vault comprises all stored F_K.

View all claims

23 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for storing secret information in a digital vault include obtaining from a user answers to a number of different questions, and identifying which subsets or combinations of the questions for which correct answers later provided by an entity will enable that entity to gain access to the secret information in the vault. The number of questions in each combination is less than the total number of questions, and at least one subset has at least two questions. For each subset, a corresponding string of answers is generated, the string is hashed, and the resulting hash value is combined with the digital secret. This hides the digital secret, which is then stored in the vault. Methods and systems for registering authentication material include storing a hashed string of answers for each combination, generating “multiple authenticators.”

284 Citations

61 Claims

1. A method for storing secret information in a digital vault, said method comprising:
- obtaining from a user an answer to each of m different questions to generate a set of m answers, wherein m is an integer greater than or equal to 3;
  
  identifying subsets SK of the m questions for which acceptable answers later provided by an entity will enable that entity to gain access to the secret information in the digital vault, wherein each subset SK includes a set of nK questions, wherein K is an integer identifying the subset and each nK is an integer that is less than m, wherein at least one subset SK has at least two elements; and
  
  for each subset of questions, S_K;
  
  (a) generating a string T_Kfrom the obtained answers for that subset of questions S_K;
  
  (b) mathematically combining a value derived from the string, TK, with the secret information to generate a result, FK, that hides the secret information; and
  
  (c) storing FK, wherein the digital vault comprises all stored F_K.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 2. The method of claim 1, wherein acceptable answers correspond to answers to the subset of questions obtained from the user.
  - 3. The method of claim 1, wherein acceptable answers are derived from answers obtained from the user.
  - 4. The method of claim 1, wherein the digital vault is stored on a remote server.
  - 5. The method of claim 1, wherein the m different questions are stored on a remote server and downloaded to a user computer.
  - 6. The method of claim 1, further comprising generating a result that allows the verification of later decryption of the secret information.
  - 7. The method of claim 1, wherein (b) comprises mathematically transforming the string, T_K, to generate a value, F_K′
    - , and mathematically combining that value, F_K′
      
      , with the secret information to generate a result, F_K, that hides the secret information.
  - 8. The method of claim 7, wherein mathematically transforming the string T_Kcomprises hashing T_K.
  - 9. The method of claim 7, wherein mathematically transforming the string T_Kcomprises hashing T_Kq times, wherein q is greater than one.
  - 10. The method of claim 7, wherein mathematically transforming the string T_Kincludes the application of a key derivation function.
  - 11. The method of claim 7, wherein mathematically combining the value, F_K′
    - , with the secret information comprises using an exclusive-or function.
  - 12. The method of claim 7, wherein mathematically combining the value, F_K′
    - , with the secret information comprises using an encryption function.
  - 13. The method of claim 1, further comprising, for each subset of questions, S_K:
    - (d) mathematically transforming the string, T_K, to generate a commitment value, G_K; and
      
      (e) storing G_Kwith F_K;
      
      wherein the digital vault comprises all stored F_Kand G_K.
  - 14. The method of claim 11, wherein the digital vault is stored on a remote server.
  - 15. The method of claim 1, wherein mathematically combining a value derived from the string T_K, and the secret information comprises using an exclusive-or function.
  - 16. The method of claim 1, wherein mathematically combining a value derived from the string T_K, and the secret information comprises using an encryption function.
  - 17. The method of claim 16, wherein the encryption function comprises integrity protection.
  - 18. The method of claim 1, further comprising:
    - (d) generating a confirmation string Z from the secret information which allows the verification of later decryption of the secret information; and
      
      (e) storing Z with F_K;
      
      wherein the digital vault comprises Z and all stored F_K.
  - 19. The method of claim 1, wherein the string T_Kcomprises a concatenation of the obtained answers.
  - 20. The method of claim 19, wherein the string T_Kfurther comprises a random number.
  - 21. The method of claim 19, wherein the string T_Kfurther comprises a number specific to the vault.
  - 22. The method of claim 1, wherein the digital vault further comprises a description of subsets S_K.
  - 23. The method of claim 1, further comprising erasing the obtained answers and the secret information after storing F_K.
  - 24. The method of claim 1, further comprising erasing the intermediate values used in the computation of the vault.
  - 25. The method of claim 1, wherein the subsets S_Kcomprise all possible subsets of n questions, where n is an integer less than m.

26. A method of gaining access to secret information contained within a digital vault, said method comprising:
- obtaining from a user an answer to each of m different questions to generate a set of m answers, wherein m is an integer greater than or equal to 3;
  
  identifying subsets S_Kof the m questions for which acceptable answers provided by an entity will enable that entity to gain access to the secret information in the digital vault, wherein each subset S_Kincludes a set of n_Kquestions wherein K is an integer identifying the subset and each n_Kis an integer that is less than m, wherein at least one subset S_Khas at least two elements;
  
  selecting a first subset from among the subsets S_Kof questions and for the selected subset;
  
  (a) generating a string V_Kfrom the obtained answers for that subset of questions S_K;
  
  (b) comparing a value derived from the string, V_Kto a set of stored values to find a match;
  
  (c) if a match is found, giving the user access to the secret information, repeating (a) through (c) for a next selected subset among the subsets S_Kuntil all subsets S_Khave been selected or until a match is found.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 27. The method of claim 26, wherein acceptable answers correspond to answers to the subset of questions obtained from the user.
  - 28. The method of claim 26, wherein acceptable answers are derived from answers obtained from the user.
  - 29. The method of claim 26, wherein giving the user access to the secret information comprises using a value derived from the string V_Kas a decryption key for the secret information contained within the digital vault.
  - 30. The method of claim 26, wherein giving the user access to the secret information comprises using a value derived from the string V_Kwith an exclusive-or function on the secret information contained within the digital vault.
  - 31. The method of claim 26, wherein (b) comprises mathematically transforming the string, V_K, to generate a value H_K;
    - and comparing a value derived from the value, H_K, to a set of stored values to find a match.
  - 32. The method of claim 31, wherein mathematically transforming the string V_Kcomprises using a one-way hash function.
  - 33. The method of claim 26, further comprising allowing the user to attempt to access at least a portion of the digital information in the vault only after the user successfully authenticates.
  - 34. The method of claim 26, wherein the m different questions are stored on a remote server and downloaded to a user computer.
  - 35. The method of claim 26, wherein the digital vault is stored on a remote server.
  - 36. The method of claim 35, further comprising authenticating the user to the remote server.
  - 37. The method of claim 35 further comprising authenticating the user to the remote server by sending a value derived from the string, V_K, to the server, and comparing a value derived from the string, V_K, to a set of values stored at the server;
    - to find a match; and
      
      , if a match is found, sending the user at least a portion of the vault.
  - 38. The method of claim 26, wherein identifying subsets S_Kof the m questions comprises obtaining identifying information from the digital vault.

39. A method of gaining access to secret information contained within a digital vault, said method comprising:
- obtaining from a user an answer to each of m different questions to generate a set of m answers, wherein m is an integer greater than or equal to 3;
  
  identifying subsets S_Kof the m questions for which acceptable answers provided by an entity will enable that entity to gain access to the secret information in the digital vault, wherein each subset S_Kincludes a set of n_Kquestions, wherein K is an integer identifying the subset and each n_Kis an integer that is less than m, wherein at least one subset S_Khas at least two elements;
  
  selecting a first subset from among the subsets S_Kof questions and for the selected subset;
  
  (a) generating a string V_Kfrom the obtained answers for that subset of questions S_K;
  
  (b) using a value derived from the string, V_K, to attempt to access the secret information; and
  
  (c) verifying whether the attempt was successful; and
  
  unless the attempt was successful, repeating (a) through (c) for a next selected subset among the subsets S_Kuntil all subsets S_Khave been selected; and
  
  if the attempt is successful, giving the user access to the secret information.

40-52. -52. (canceled)

53. A method of registering authentication material, said method comprising:
- obtaining from a user an answer to each of m different questions to generate a set of m answers, wherein m is an integer greater than or equal to 3;
  
  identifying subsets S_Kof the m questions for which acceptable answers later provided by an entity will enable that entity to authenticate, wherein each subset S_Kincludes a set of n_Kquestions, wherein K is an integer identifying the subset and each n_Kis an integer that is less than m, wherein at least one subset S_Khas at least two elements; and
  
  for each subset of questions, S_K;
  
  (a) generating a string T_Kfrom the obtained answers for that subset of questions S_K;
  
  (b) mathematically transforming the string, T_K, to generate a value G_K;
  
  (c) storing G_K, wherein the authentication material comprises all stored G_K.

54-59. -59. (canceled)

60. A method of authenticating a user, said method comprising:
- obtaining from a user an answer to each of m different questions to generate a set of m answers, wherein m is an integer greater than or equal to 3;
  
  identifying subsets S_Kof the m questions for which acceptable answers later provided by an entity will enable that entity to authenticate, wherein each subset S_Kincludes a set of n_Kquestions, wherein K is an integer identifying the subset and each n_Kis an integer that is less than m, wherein at least one subset S_Khas at least two elements; and
  
  for each subset of questions, S_K;
  
  (a) generating a string V_Kfrom the obtained answers for that subset of questions S_K;
  
  (b) comparing a value derived from the string V_Kto a set of stored values to find a match; and
  
  (c) if a match is found authenticating the user, repeating (a) through (c) for a next selected subset among the subsets S_Kuntil all subsets S_Khave been selected or until a match is found.

61-69. -69. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RSA Security LLC (Symphony Technology Group LLC)
Original Assignee
RSA Security Incorporated (Symphony Technology Group LLC)
Inventors
Szydlo, Michael

Granted Patent

US 7,739,733 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2131   Lost password, e.g. recover...

G06Q 20/40   Authorisation, e.g. identif...

H04L 9/3218   using proof of knowledge, e...

Storing digital secrets in a vault

First Claim

23 Assignments

0 Petitions

Accused Products

Abstract

284 Citations

61 Claims

Specification

Solutions

Use Cases

Quick Links

Storing digital secrets in a vault

First Claim

23 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

284 Citations

61 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links