PASSWORD KEY DERIVATION SYSTEM AND METHOD
First Claim
Patent Images
1. In a computer system, a method for generating and utilizing cryptographic keys comprising:
- receiving a password by a key generating system;
measuring by the key generating system strength of the received password and outputting a strength metric in response;
dynamically computing an iteration count I by the key generating system based on the output strength metric, wherein I≧
0;
repeating by the key generating system a cryptographic function the computed I number of times;
generating a cryptographic key based on the repeated cryptographic function and the received password; and
transmitting the generated cryptographic key to a key utilizing system for use therewith.
7 Assignments
0 Petitions
Accused Products
Abstract
A password-based key derivation function includes a sub-function that gets executed multiple times based on an iteration count. A key derivation module computes the iteration count dynamically with each entered password. The iteration count is computed as a function of the password strength. Specifically, the weaker the password, the higher the iteration count; but the stronger the password, the smaller the interaction count. This helps strengthen weaker passwords without penalizing stronger passwords.
44 Citations
22 Claims
-
1. In a computer system, a method for generating and utilizing cryptographic keys comprising:
-
receiving a password by a key generating system; measuring by the key generating system strength of the received password and outputting a strength metric in response; dynamically computing an iteration count I by the key generating system based on the output strength metric, wherein I≧
0;repeating by the key generating system a cryptographic function the computed I number of times; generating a cryptographic key based on the repeated cryptographic function and the received password; and transmitting the generated cryptographic key to a key utilizing system for use therewith. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A key generating system comprising:
-
a processor; and a memory operably coupled to the processor and storing program instructions therein, the processor being operable to execute the program instructions, the program instructions including; receiving a password; measuring strength of the received password and outputting a strength metric in response; dynamically computing an iteration count I based on the output strength metric, wherein I≧
0;repeating a cryptographic function the computed I number of times; generating a cryptographic key based on the repeated cryptographic function and the received keyword; and transmitting the generated cryptographic key to a key utilizing system for use therewith. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
Specification