Method of creating password list for remote authentication to services
Abstract
A method for providing security in password-based access to computer networks, the network including a server and a remote user, includes: signing a phrase by a security chip of the server using an encryption key; associating the signed phrase with the remote user; signing the phrase with an encryption key obtained by the security chip when a request for access to the computer network is received from the remote user; comparing the phrase signed with the obtained encryption key with the signed phrase associated with the remote user; and granting access to the remote user if the phrase signed with the obtained encryption key is the same as the stored signed phrase associated with the remote user. The use of the encryption key protects against “dictionary attacks”. Use of the security chip protects against offline attacks. These provide greater security for the computer network.
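The sign-and-compare flow from the abstract, as an added example (not code from the patent): HMAC-SHA256 stands in for the chip's signing operation, and `SecurityChip`, `PasswordList`, `offline_guess` and `unkeyed` are hypothetical names. It shows why a copied password list cannot be checked against a wordlist without the chip-held key, whereas an unkeyed hash list can.

```python
import hashlib
import hmac
import secrets


class SecurityChip:
    """Stand-in for the server's security chip: the key never leaves this object."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # constructed key, held only "in the chip"

    def sign(self, user: str, phrase: str) -> bytes:
        # Assumption: HMAC-SHA256 models the chip's deterministic signing operation.
        msg = user.encode() + b"\x00" + phrase.encode()
        return hmac.new(self._key, msg, hashlib.sha256).digest()


class PasswordList:
    """Server-side list of signed phrases, one per remote user."""

    def __init__(self, chip: SecurityChip):
        self._chip = chip
        self.entries = {}  # user -> signed phrase; all that a copied database reveals

    def enroll(self, user: str, phrase: str) -> None:
        self.entries[user] = self._chip.sign(user, phrase)

    def grant_access(self, user: str, phrase: str) -> bool:
        stored = self.entries.get(user)
        if stored is None:
            return False
        candidate = self._chip.sign(user, phrase)  # re-sign at request time
        return hmac.compare_digest(candidate, stored)  # constant-time comparison


def offline_guess(entries, user, wordlist, sign):
    """Audit helper: return the guess that reproduces the stored entry, else None."""
    for guess in wordlist:
        if hmac.compare_digest(sign(user, guess), entries[user]):
            return guess
    return None


def unkeyed(user: str, phrase: str) -> bytes:
    """All that can be computed without the chip: a plain, unkeyed hash."""
    return hashlib.sha256(user.encode() + b"\x00" + phrase.encode()).digest()
```

Passing `unkeyed` or a different chip's `sign` to `offline_guess` models a party holding only the copied list; passing the enrolling chip's `sign` models online access through the server.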
24 Claims
1. A method for improving security in a computer network utilizing password-based access, the method comprising:
- signing a phrase using a private key assigned to a remote user;
- associating the signed phrase with the remote user; and
- storing the private key assigned to the remote user in a key chain of a provided security chip, wherein the key chain is formed by wrapping the private key using at least one child key pair assigned to the computer network, wrapping the at least one child key pair using at least one parent key pair assigned to the computer network, wrapping the at least one parent key pair using at least one grandparent key pair assigned to the computer network, and wrapping the at least one grandparent key pair using an encryption key assigned to the provided security chip.

Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A computer readable medium including a computer program for improving security in a computer network utilizing password-based access, the computer program comprising instructions for:
- signing a phrase using a private key assigned to a remote user;
- associating the signed phrase with the remote user; and
- storing the private key assigned to the remote user in a key chain of a provided security chip, wherein the key chain is formed by wrapping the private key using at least one child key pair assigned to the computer network, wrapping the at least one child key pair using at least one parent key pair assigned to the computer network, wrapping the at least one parent key pair using at least one grandparent key pair assigned to the computer network, and wrapping the at least one grandparent key pair using an encryption key assigned to the provided security chip.

Dependent claims: 10, 11, 12, 13, 14, 15, 16.
17. A system for improving security in a computer network utilizing password-based access, the system being operable to:
- sign a phrase using a private key assigned to a remote user;
- associate the signed phrase with the remote user; and
- store the private key assigned to the remote user in a key chain of a provided security chip, wherein the key chain is formed by wrapping the private key using at least one child key pair assigned to the computer network, wrapping the at least one child key pair using at least one parent key pair assigned to the computer network, wrapping the at least one parent key pair using at least one grandparent key pair assigned to the computer network, and wrapping the at least one grandparent key pair using an encryption key assigned to the provided security chip.

Dependent claims: 18, 19, 20, 21, 22, 23, 24.
Specification