System and method for protecting a multipurpose data string used for both decrypting data and for authenticating a user
5 Assignments
0 Petitions
Abstract
A method and system for protecting a multipurpose data string used both for decrypting data and for authenticating a user employ a remote storage element that holds a long random data string or password, protected by short, easy-to-remember access data such as a personal identification number or another user authentication mechanism. The remote storage element holds data used both for initially encrypting secret private keys and for later decrypting the encrypted secret private keys, or other secret data, so that they can be used to decrypt data transferred within a computer network or to digitally sign data transferred within a computer network.
90 Citations
23 Claims
1. A method for protecting a multipurpose data string used for both decrypting data and for authenticating a user, comprising the steps of:
requesting the multipurpose data string from a remote storage element, that also stores user authentication data without storing a private key, for transfer to another storage element; and
determining at least a passkey for decrypting encrypted data, based on the multipurpose data string, in response to transferring the stored data string from the remote storage element.
Dependent claims: 2 to 12.
receiving the multipurpose data string from the remote storage element;
receiving user authentication data associated with the user; and
operatively combining the multipurpose data string with the user authentication data to generate data for use in generating the passkey for decrypting the encrypted data.
12. The method of claim 1 further including the steps of:
receiving the multipurpose data string;
receiving user authentication data and associating the user authentication data with the multipurpose data string;
storing the multipurpose data string on the remote storage element;
generating the encrypted data based on the multipurpose data string;
storing the encrypted data; and
subsequently verifying user authentication data prior to transferring the stored multipurpose data string from the remote storage element.
13. A system for protecting a multipurpose data string used for both decrypting data and for authenticating a user, comprising:
means for requesting the multipurpose data string from a remote storage element, that also stores user authentication data without storing a private key, for transfer to another storage element; and
means, operatively coupled to the requesting means, for determining at least a passkey for decrypting encrypted data based on the multipurpose data string in response to transferring the stored multipurpose data string from the remote storage element.
Dependent claims: 14 to 23.
means for receiving the multipurpose data from the remote storage element;
means for receiving user authentication data associated with the user; and
means, operatively coupled to the means for receiving the multipurpose data string and the user authentication data, for combining the multipurpose data string with the user authentication data to generate data for use in generating the passkey for decrypting the encrypted decryption key.
23. The system of claim 14 further including:
means for receiving the multipurpose data string;
means for receiving user authentication data and associating the user authentication data with the multipurpose data string;
means, operatively coupled to the means for receiving the multipurpose data string and the means for receiving the user access identification string, for storing the multipurpose data string on the remote storage element;
means for generating the encrypted decryption key based on the received multipurpose data string;
means, operatively coupled to the means for generating the encrypted decryption key, for storing the encrypted decryption key; and
means, operatively coupled to the means for receiving the user authentication data, for subsequently verifying user authentication data prior to transferring the stored multipurpose data string from the remote storage element.
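Worked example added by the editor (not code from the patent, its assignee, or any product): the Python below sketches the flow the abstract and claims 1, 2 and 12 describe. The remote storage element keeps a 32-byte random multipurpose data string and a PIN verifier but never a private key; at enrollment the client generates the string, registers it, combines it with the PIN to derive a passkey and encrypts its private key under that passkey, keeping the encrypted blob itself; later it authenticates with the PIN, receives the string, re-derives the passkey and decrypts the key. Everything not in the claims is an assumption made here for illustration: PBKDF2 as the combining function, a lockout counter as the verification policy, the PIN travelling to the server as the user authentication data, and the HMAC-SHA256 seal/unseal pair, which stands in for a real AEAD such as AES-GCM so the example runs on the standard library alone.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 50_000  # assumption: modest work factor so the demo runs quickly

# Stand-in for a real AEAD (AES-GCM or ChaCha20-Poly1305 in a deployment), built
# from HMAC-SHA256 only so the example needs nothing beyond the standard library.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    block = 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under independent subkeys; returns nonce || ciphertext || tag."""
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong passkey or a tampered blob raises ValueError."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

def derive_passkey(mds: bytes, pin: str) -> bytes:
    """Combine the multipurpose data string with the user authentication data (claims 1-2).
    The 32-byte random string is the salt, so whoever holds only the encrypted private
    key cannot run an offline PIN search; the PIN alone never suffices either."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), mds, PBKDF2_ROUNDS, dklen=32)

class RemoteStorageElement:
    """Server side: stores the multipurpose data string and a PIN verifier, never a private key."""
    MAX_FAILURES = 5  # assumption: online guessing is throttled by a lockout counter

    def __init__(self) -> None:
        self._records: dict[str, dict] = {}

    def enroll(self, user: str, pin: str, mds: bytes) -> None:
        salt = secrets.token_bytes(16)
        verifier = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, PBKDF2_ROUNDS)
        self._records[user] = {"salt": salt, "verifier": verifier, "mds": mds, "failures": 0}

    def request_string(self, user: str, pin: str) -> bytes:
        """Last step of claim 12: verify the user before releasing the stored string."""
        rec = self._records.get(user)
        if rec is None or rec["failures"] >= self.MAX_FAILURES:
            raise PermissionError("unknown user or account locked")
        candidate = hashlib.pbkdf2_hmac("sha256", pin.encode(), rec["salt"], PBKDF2_ROUNDS)
        if not hmac.compare_digest(candidate, rec["verifier"]):
            rec["failures"] += 1
            raise PermissionError("authentication failed")
        rec["failures"] = 0
        return rec["mds"]

def enroll_client(server: RemoteStorageElement, user: str, pin: str, private_key: bytes) -> bytes:
    """Client side of claim 12: generate the string, register it, encrypt the private key.
    Returns the encrypted key blob, which stays with the client and is not sent to the server."""
    mds = secrets.token_bytes(32)
    server.enroll(user, pin, mds)
    return seal(derive_passkey(mds, pin), private_key)

def recover_private_key(server: RemoteStorageElement, user: str, pin: str, blob: bytes) -> bytes:
    """Client side of claim 1: fetch the string, derive the passkey, decrypt the private key."""
    mds = server.request_string(user, pin)
    return unseal(derive_passkey(mds, pin), blob)

if __name__ == "__main__":
    srv = RemoteStorageElement()
    key = b"constructed sample private key bytes, not a real key"
    blob = enroll_client(srv, "alice", "4921", key)
    assert recover_private_key(srv, "alice", "4921", blob) == key
    print("round trip ok; server record holds no private key:", key not in srv._records["alice"].values())
```

The split is what gives the scheme its value: a dump of the remote storage element yields the random string and a PIN verifier but no ciphertext to apply them to, and theft of the client's encrypted blob yields ciphertext whose key depends on a 256-bit secret the thief does not have, so the only place a PIN can be guessed is online against the server, where the counter stops it. The caveat a practitioner should note is that this sketch, like the claims, has the server verify the PIN directly, so the server (or anyone between client and server without TLS) learns the PIN and releases the string on its own judgement; a deployment that wants the server itself kept out of the loop would replace the plain PIN check with a PAKE.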
Specification