SECURE LOGIN PROTOCOL
Abstract
The present invention provides a method for generating a secret to be used in authenticating a user to a server. Using a data association between two data sets, the association being created by the server, the user can provide a secret using an algorithm based on a PIN and a selection of a group of elements from one of the data sets, the selected group of data elements having a counterpart group of elements in the other data set by virtue of the data association. The secret is transmitted to the server. The server performs a similar secret provision, and if the secret from the client is identical to the secret provided by the server, the user is authorized to access information on the server.
21 Claims
1-11. (canceled)
12. A method for providing a secret at a client computer for use in an authentication process, comprising:
the client computer receiving from a server computer, information representing a first set of data elements, and a second set of data elements, and a data association between the first set and the second set, through which data association a data element from the first set is uniquely associated with a data element in the second set;
providing a first subset comprising a selection of data elements from the first set of data elements;
the client computer providing a second subset of data elements, the second subset comprising those data elements in the second set of data elements that are associated with the data elements in the first subset via said data association;
providing the secret by evaluating an encryption algorithm that depends on an element from the second subset and a predefined encryption data element; and
at least a part of said data association is presented via a first user interface;
said provision of a selection of data elements from the first set of data elements is performed by a user in response to said presenting.
Dependent claims: 13, 14, 18, 19, 20, 21

15. A method for providing an authentication indication, comprising:
a server computer receiving an authentication request from a client computer;
the server computer forming an information representing a first set of data elements and a second set of data elements and a data association between the first set and the second set, through which data association a data element from the first set is uniquely associated with a data element from the second set;
the server computer providing said information to the client computer;
the server receiving a first secret in response to providing said information to the client computer;
the server providing a second secret by evaluating an encryption algorithm that depends on a predefined subset of data elements from the second set and a predefined encryption data element;
the server comparing the first secret and the second secret and providing a positive authentication indication if the first secret and the second secret are identical.
Dependent claims: 16, 17
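
The exchange in claims 12 and 15, sketched as an added example that is not taken from the patent. Assumptions: HMAC-SHA256 stands in for the unspecified "encryption algorithm", the PIN is the "predefined encryption data element", and the word list, function names and order-sensitive selection are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: the first set holds the elements the user recognises.
FIRST_SET = ["apple", "bridge", "cloud", "drum", "eagle", "forest"]

def new_challenge():
    """Server: pair each first-set element with a fresh, unique random code."""
    codes = set()
    while len(codes) < len(FIRST_SET):
        codes.add(secrets.token_hex(4))
    return dict(zip(FIRST_SET, codes))  # the per-session data association

def derive_secret(association, selection, pin):
    """Map the selection to the second subset, then key an HMAC with the PIN.

    Assumption: HMAC-SHA256 replaces the claims' "encryption algorithm", and
    the order of the selection is significant.
    """
    second_subset = [association[item] for item in selection]
    return hmac.new(pin.encode(), "|".join(second_subset).encode(),
                    hashlib.sha256).hexdigest()

def server_verify(association, enrolled_selection, enrolled_pin, first_secret):
    """Server: compute the second secret and compare in constant time."""
    second_secret = derive_secret(association, enrolled_selection, enrolled_pin)
    return hmac.compare_digest(first_secret, second_secret)

def demo():
    """Return verification results for a correct, wrong-PIN and stale secret."""
    enrolled_selection, enrolled_pin = ["cloud", "apple", "eagle"], "4821"
    challenge = new_challenge()  # sent to the client for this session
    good = derive_secret(challenge, ["cloud", "apple", "eagle"], "4821")
    wrong_pin = derive_secret(challenge, ["cloud", "apple", "eagle"], "0000")
    # Secret computed under an earlier session's association.
    stale = derive_secret(new_challenge(), ["cloud", "apple", "eagle"], "4821")
    return tuple(server_verify(challenge, enrolled_selection, enrolled_pin, s)
                 for s in (good, wrong_pin, stale))

if __name__ == "__main__":
    print(demo())
```

Because the association is regenerated for every authentication request, a secret captured in one session does not verify in the next, which is the property the stale case checks.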