METHOD FOR SECURING CREDENTIALS IN A REMOTE REPOSITORY
Abstract
A method of securing user credentials in a remote repository is provided. In accordance with one embodiment, there is provided a method comprising generating a first private key and a first public key pair from a registered password; generating a second private key and a second public key pair; generating a storage key from the second private key and the first public key; encrypting a set of credentials using the storage key; creating an encrypted credential signature from the encrypted set of credentials and the first private key; and storing the encrypted set of credentials, the encrypted credential signature, and the second public key in the remote repository.
17 Claims
1. A method of securing user credentials in a remote repository, the method comprising:
- generating a first private key and a first public key pair from a registered password;
- generating a second private key and a second public key pair;
- generating a storage key from the second private key and the first public key;
- encrypting a set of credentials using the storage key;
- creating an encrypted credential signature from the encrypted set of credentials and the first private key; and
- storing the encrypted set of credentials, the encrypted credential signature, and the second public key in the remote repository.
Dependent claims: 2, 3, 4, 5, 6

7. A method of authenticating a request to access user credentials in a remote repository, the remote repository having stored thereon a unique user identification (UID) and an authentication token generated from the UID and a password, the method comprising:
- receiving a user login identification and a first random number from a communication device;
- sending a second random number to the communication device;
- receiving a response token from the communication device, the response token having been generated from the first random number, the second random number, the user login identification and the password;
- generating a verification token from the first random number, the second random number, and the authentication token; and
- verifying the response token matches the verification token.
Dependent claims: 8, 9

10. A method of accessing secured user credentials in a remote repository, the method comprising:
- receiving an encrypted set of credentials, an encrypted credential signature, and a second public key from the remote repository;
- generating a first private key from a user-entered password;
- verifying the encrypted credential signature from the encrypted set of credentials and the first private key;
- generating a storage key from the first private key and the second public key; and
- decrypting the encrypted set of credentials using the storage key.
Dependent claims: 11, 12, 13

14. A server for securing user credentials in a remote repository, the server comprising:
- a processor;
- memory; and
- an encryption module which, when executed by the processor, configures the processor to
  - generate a first private key and a first public key pair from a registered password;
  - generate a second private key and a second public key pair;
  - generate a storage key from the second private key and the first public key;
  - encrypt a set of credentials using the storage key;
  - create an encrypted credential signature from the encrypted set of credentials and the first private key; and
  - store the encrypted set of credentials, the encrypted credential signature, and the second public key in the remote repository.

15. A server for authenticating a request to access user credentials in a remote repository, the remote repository having stored thereon a unique user identification (UID) and an authentication token generated from the UID and a password, the server comprising:
- a processor;
- memory; and
- an authentication module which, when executed by the processor, configures the processor to
  - receive a user login identification and a first random number from a communication device,
  - send a second random number to the communication device,
  - receive a response token from the communication device, the response token having been generated from the first random number, the second random number, the user login identification and the password,
  - generate a verification token from the first random number, the second random number, and the authentication token, and
  - verify the response token matches the verification token.

16. A communication device for authenticating a request to access user credentials in a remote repository, the remote repository having stored thereon a unique user identification (UID) and an authentication token generated from the UID and a password, the communication device comprising:
- a processor;
- memory; and
- a remote credential management module which, when executed by the processor, configures the processor to
  - send a user login identification and a first random number to a server;
  - receive a second random number from the server;
  - generate a response token from the first random number, the second random number, the user login identification and the password;
  - send the response token to the server; and
  - receive an authorization message from the server.

17. A communication device for accessing secured user credentials in a remote repository, the communication device comprising:
- a processor;
- memory; and
- a remote credential management module which, when executed by the processor, configures the processor to
  - receive an encrypted set of credentials, an encrypted credential signature, and a second public key from the remote repository;
  - generate a first private key from a user-entered password;
  - verify the encrypted credential signature from the encrypted set of credentials and the first private key;
  - generate a storage key from the first private key and the second public key;
  - decrypt the encrypted set of credentials using the storage key; and
  - populate the device with the unencrypted set of credentials.

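The challenge-response exchange of claims 7, 15 and 16, sketched as an added example (not code from the patent). The claims name no algorithms, so PBKDF2-HMAC-SHA256 for the authentication token, HMAC-SHA256 for the response and verification tokens, and treating the login identification as the UID are assumptions; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def auth_token(uid: str, password: str) -> bytes:
    # Assumption: PBKDF2 salted with the UID. The claims only say the token is
    # "generated from the UID and a password".
    return hashlib.pbkdf2_hmac("sha256", password.encode(), uid.encode(), 100_000)

def bind_nonces(token: bytes, r1: bytes, r2: bytes) -> bytes:
    # Length-prefix each random number so (r1, r2) cannot be re-split ambiguously.
    msg = b"".join(len(r).to_bytes(2, "big") + r for r in (r1, r2))
    return hmac.new(token, msg, hashlib.sha256).digest()

class Server:
    def __init__(self):
        self.repository = {}   # UID -> authentication token (never the password)
        self.pending = {}      # login id -> (r1, r2) for one in-flight login

    def register(self, uid: str, password: str) -> None:
        self.repository[uid] = auth_token(uid, password)

    def begin(self, login_id: str, r1: bytes) -> bytes:
        # A challenge is issued even for unknown users, so the reply does not
        # reveal which login ids exist.
        r2 = secrets.token_bytes(16)
        self.pending[login_id] = (r1, r2)
        return r2

    def finish(self, login_id: str, response: bytes) -> bool:
        nonces = self.pending.pop(login_id, None)   # single use: replays fail
        stored = self.repository.get(login_id)
        if nonces is None or stored is None:
            return False
        verification = bind_nonces(stored, *nonces)
        return hmac.compare_digest(verification, response)

def device_response(login_id: str, password: str, r1: bytes, r2: bytes) -> bytes:
    # The device re-derives the authentication token from what the user typed.
    return bind_nonces(auth_token(login_id, password), r1, r2)

def login(server: Server, login_id: str, password: str) -> bool:
    r1 = secrets.token_bytes(16)          # first random number (device)
    r2 = server.begin(login_id, r1)       # second random number (server)
    return server.finish(login_id, device_response(login_id, password, r1, r2))
```

The verification token is computed from the stored authentication token alone, so the repository entry needs the same protection as the password itself: whoever holds it can produce a matching response.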
Specification