SYSTEM AND METHOD FOR INCREASING THE SECURITY OF ENCRYPTED SECRETS AND AUTHENTICATION
Abstract
In general, in one aspect, the invention relates to a method for accessing encrypted data by a client. The method includes receiving, by a server from the client, client information derived from a first secret, wherein the client information is derived such that the server cannot feasibly determine the first secret. The method also includes providing to the client by the server intermediate data, which is derived responsive to the received client information, a server secret, and possibly other information. The intermediate data is derived such that the client cannot feasibly determine the server secret. The method also includes authenticating the client by a device that stores encrypted secrets and is configured not to provide the encrypted secrets without authentication. After the authenticating step, the method also includes providing the encrypted secrets to the client. The encrypted secrets are capable of being decrypted using a third secret that is derived from the intermediate data.
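The abstract does not fix the arithmetic behind the exchange; the following added example (not code from the patent or its assignee) instantiates it with blinded exponentiation in the RFC 3526 2048-bit group, so the server sees only a blinded value and the client never learns the server secret. The function names, the hash-to-group mapping, the HMAC labels and the sample secrets are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# RFC 3526 group 14 modulus, a 2048-bit safe prime; Q = (P - 1) / 2 is also prime.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2

def hash_to_group(client_secret: bytes) -> int:
    """Map the client secret into the order-Q subgroup (squares mod P)."""
    x = int.from_bytes(hashlib.shake_256(client_secret).digest(256), "big") % P
    return pow(x, 2, P)

def client_blind(client_secret: bytes):
    """Client: blind the hashed secret with a fresh exponent r; send only the result."""
    r = secrets.randbelow(Q - 1) + 1
    return r, pow(hash_to_group(client_secret), r, P)

def server_evaluate(client_info: int, server_secret: int) -> int:
    """Server: apply the server secret to the blinded value (the intermediate data)."""
    if not 1 < client_info < P - 1 or pow(client_info, Q, P) != 1:
        raise ValueError("client information is outside the order-Q subgroup")
    return pow(client_info, server_secret, P)

def client_finish(r: int, intermediate: int) -> bytes:
    """Client: remove the blinding to get H(secret)^k, then hash it into the third secret."""
    hardened = pow(intermediate, pow(r, -1, Q), P)
    return hashlib.sha256(hardened.to_bytes(256, "big")).digest()

def derive(third_secret: bytes, label: bytes) -> bytes:
    """Separate keys per purpose, e.g. device authentication vs. decryption (assumed labels)."""
    return hmac.new(third_secret, label, hashlib.sha256).digest()

def run_exchange(client_secret: bytes, server_secret: int):
    """One protocol run; returns what the server saw and what the client derived."""
    r, client_info = client_blind(client_secret)
    third = client_finish(r, server_evaluate(client_info, server_secret))
    return client_info, third

if __name__ == "__main__":
    k = secrets.randbelow(Q - 1) + 1                 # constructed server secret
    seen, third = run_exchange(b"correct horse", k)  # constructed client secret
    print(derive(third, b"decrypt").hex())
```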
54 Claims
1. A method comprising:
implementing a multi-party secure computation protocol between a client which has a client secret and a server which has a server secret to compute a third secret from the client secret and the server secret, wherein the protocol is implemented so that the client obtains the third secret and cannot feasibly determine the server secret, and the server cannot feasibly determine the client secret and cannot feasibly determine the third secret;
authenticating the client by a device, the device storing an encrypted secret and configured not to provide the encrypted secret without authentication and the device being distinct from the server; and
after authenticating, providing to the client by the device the encrypted secret, wherein the encrypted secret is capable of being decrypted using a decryption key derived from the third secret and wherein the multi-party secure computation protocol implemented between the client and the server is the only multi-party computation protocol that is implemented in generating the third secret and the decryption key derived from the third secret;
wherein implementing the multi-party secure computation protocol involves:
at the client, using the client secret to compute client information to harden the client secret and then sending the client information to the server;
at the server, using the client information and the server secret to compute intermediate data and sending the intermediate data to the client; and
at the client, deriving the third secret from the intermediate data.
Dependent claims: 2, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 31, 44, 45, 46, 49, 52
3. (canceled)
21-30. (canceled)
32-37. (canceled)
38. A method for authenticating to a network server, the method comprising:
implementing a multi-party secure computation protocol between a client which has a client secret and a server which has a server secret to compute a third secret from the client secret and the server secret, wherein the protocol is implemented so that the client cannot feasibly determine the server secret and the server cannot feasibly determine the client secret and cannot feasibly determine the third secret;
at the client deriving a password from the third secret;
authenticating to the network server using the derived password, wherein the multi-party secure computation protocol implemented between the client and the server is the only multi-party computation protocol that is implemented in generating the third secret and the password derived from the third secret;
wherein implementing the multi-party secure computation protocol involves:
at the client, using the client secret to compute client information to harden the client secret and then sending the client information to the server;
at the server, using the client information and the server secret to compute intermediate data and sending the intermediate data to the client; and
at the client, deriving the third secret from the intermediate data.
Dependent claims: 39, 40, 41, 48, 50, 53
42-43. (canceled)
47. A method comprising:
implementing a multi-party secure computation protocol between a client which has a client secret and a server which has a server secret to compute a third secret from the client secret and the server secret, wherein the protocol is implemented so that the client cannot feasibly determine the server secret and the server cannot feasibly determine the client secret and cannot feasibly determine the third secret;
authenticating the client by a device, the device storing an encrypted secret and configured not to provide the encrypted secret without authentication; and
after authenticating, providing to the client by the device the encrypted secret, wherein the encrypted secret is capable of being decrypted using a decryption key derived from the third secret and wherein no additional multi-party secure computation protocol involving any entity other than the server is required to enable the client to generate the third secret and the key derived from the third secret;
wherein implementing the multi-party secure computation protocol involves:
at the client, using the client secret to compute client information to harden the client secret and then sending the client information to the server;
at the server, using the client information and the server secret to compute intermediate data and sending the intermediate data to the client; and
at the client, deriving the third secret from the intermediate data.
Dependent claims: 51, 54
Specification