System And Method Of Non-Centralized Zero Knowledge Authentication For A Computer Network
Abstract
Zero-knowledge authentication proves identity without revealing information about a secret that is used to prove that identity. An authentication agent performs authentication of a prover agent without knowledge or transfer of the secret. A non-centralized zero-knowledge authentication system contains multiple authentication agents, for access by multiple computers seeking access on a computer network through local prover agents. Once authenticated, those multiple computers may also implement authentication agents. The secret may be made to expire periodically, with a trusted source publishing a new encrypted secret, thwarting attempts to factor or guess information about the secret.
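The flow in the abstract, as an added example that is not code from the patent: the abstract does not name the identification protocol, so this assumes Fiat-Shamir identification, with the trusted source's published value modelled as v = s² mod N. The modulus, the sample secrets and all class and function names are constructed for illustration.

```python
import secrets

# Toy modulus built from two known Mersenne primes so the demo runs instantly
# (constructed value; a real deployment needs a large modulus whose factors
# are known only to the trusted source).
N = (2**31 - 1) * (2**61 - 1)

def publish(secret):
    """Trusted source (assumed role): public value v = s^2 mod N."""
    return pow(secret, 2, N)

class ProverAgent:
    def __init__(self, secret):
        self.secret = secret                    # never sent over the network
    def commit(self):
        self.r = secrets.randbelow(N - 2) + 2   # fresh nonce every round
        return pow(self.r, 2, N)
    def respond(self, challenge):
        return self.r * pow(self.secret, challenge, N) % N

class AuthenticationAgent:
    def __init__(self, v):
        self.v = v                              # public value only, not the secret
    def authenticate(self, prover, rounds=40):
        for _ in range(rounds):
            x = prover.commit()
            e = secrets.randbelow(2)            # unpredictable 1-bit challenge
            y = prover.respond(e)
            # Reject x == 0 (trivial forgery) and any round where y^2 != x * v^e.
            if x % N == 0 or pow(y, 2, N) != x * pow(self.v, e, N) % N:
                return False
        return True

class Node:
    def __init__(self, secret, v=None):
        self.prover = ProverAgent(secret)
        # Founding nodes start with an authentication agent; joiners do not.
        self.auth = AuthenticationAgent(v) if v is not None else None
    def admit(self, joiner):
        """Authenticate a joiner and, on success, promote it to authenticator."""
        if self.auth is None:
            raise PermissionError("node has not been promoted")
        ok = self.auth.authenticate(joiner.prover)
        if ok:
            joiner.auth = AuthenticationAgent(self.auth.v)
        return ok
```

A prover without the secret passes a single round with probability 1/2, so the round count sets the forgery bound (2⁻⁴⁰ here). Publishing a new v makes every agent still holding the old secret fail authentication.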
9 Claims
1. A method of non-centralized zero-knowledge authentication for a computer network, comprising steps of:
- establishing a first computer having a first authentication agent and a first prover agent on the computer network;
- detecting a first authentication request over the computer network from a second computer having a second prover agent;
- authenticating the second prover agent through a zero-knowledge identification protocol; and
- promoting the second computer with a second authentication agent to perform authentication for the computer network.
Dependent claims: 2, 3, 4.
5. A system of non-centralized zero-knowledge authentication for a computer network, comprising:
- two or more computers establishing the computer network, each of the computers containing an authentication agent, secret and prover agent; and
- a requesting computer having a prover agent, for requesting access to the computer network, wherein the prover agent of the requesting computer and one of the authentication agents of the two or more computers engaging in a zero-knowledge authentication protocol, and wherein the requesting computer operates with an authentication agent on the computer network when the requesting computer is authenticated through the zero-knowledge authentication protocol.
Dependent claims: 6, 7, 8.
9. A software product comprising instructions, stored on computer-readable media, wherein the instructions, when executed by a computer, perform steps for non-centralized zero-knowledge authentication for a computer network, comprising:
- instructions for establishing a first computer having a first authentication agent and a first prover agent on the computer network;
- instructions for detecting a first authentication request over the computer network from a second computer having a second prover agent;
- instructions for authenticating the second prover agent through a zero-knowledge identification protocol; and
- instructions for promoting the second computer with a second authentication agent to perform authentication for the computer network.
Specification