Password self encryption method and system and encryption by keys generated from personal secret information

US 7,522,723 B1
Filed: 07/10/2008
Issued: 04/21/2009
Est. Priority Date: 05/29/2008
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprisingconverting a first set of predefined information on a server computer to an integer x using a text to number conversion scheme;

determining a first public key exponent e which is computed as any function of x that results in an odd integer for e;

selecting two prime numbers p and q, wherein p−

1 and q−

1 are relatively primes to e, and then computing a first key modulus n=p times q and a Euler Totient Function ø

=(p−

1)(q−

1);

computing a first private key exponent d such that ed=kø

+1, wherein k and d are integersstoring the first private key exponent d and the first key modulus n in a database or file on the server computer, so that the first private key exponent d and the first key modulus n are related to a first user identification of a first user and the first set of predefined information; and

permanently deleting x, p, q, e and ø

on the server computer so that there is no record of x, p, q, e and ø

on the server computer.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A public key cryptographic system and method is provided for a password or any other predefined personal secret information that defeats key factoring and spoofing attacks. The method adopts a new technique of encrypting a password or any predefined secret information by a numeric function of itself, replacing the fixed public key of the conventional RSA encryption. The whole process involving key generation, encryption, decryption and password handling is discussed in detail. Mathematical and cryptanalytical proofs of defeating factoring and spoofing attacks are furnished.

108 Citations

View as Search Results

18 Claims

1. A method comprisingconverting a first set of predefined information on a server computer to an integer x using a text to number conversion scheme;
- determining a first public key exponent e which is computed as any function of x that results in an odd integer for e;
  
  selecting two prime numbers p and q, wherein p−
  
  1 and q−
  
  1 are relatively primes to e, and then computing a first key modulus n=p times q and a Euler Totient Function ø
  
  =(p−
  
  1)(q−
  
  1);
  
  computing a first private key exponent d such that ed=kø
  
  +1, wherein k and d are integersstoring the first private key exponent d and the first key modulus n in a database or file on the server computer, so that the first private key exponent d and the first key modulus n are related to a first user identification of a first user and the first set of predefined information; and
  
  permanently deleting x, p, q, e and ø
  
  on the server computer so that there is no record of x, p, q, e and ø
  
  on the server computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1 further comprisingrepeating the steps of claim 1 for a plurality of sets of predefined information on the server computer, to determine a plurality of public key exponents, a plurality of key moduluses, a plurality of private key exponents, and storing a plurality of private key exponents and a plurality of key moduluses in the database or file related to a plurality of user identifications of a corresponding plurality of users and a plurality of sets of predefined information.
  - 3. The method of claim 2 further comprisingsubmitting the first user identification by a user at a client computer, without the first set of predefined information, to the server computer while retaining the first set of predefined information on the client computer, when a user at a client computer enters both a user identification and a set of predefined information for authentication;
    - andretrieving the first key modulus n from the database or file on the server computer for the received user identification and sending the first key modulus n to a client computer for encrypting the first set of predefined information.
  - 4. The method of claim 3 further comprisingconverting the first set of predefined information entered on the client computer to the same integer x by the same text-to-number conversion scheme as done on the server computer;
    - computing the first public key exponent e on the client computer using the same function of x used on the server computer;
      
      padding the first set of predefined information to form a padded first set predefined of information;
      
      converting the padded first set of predefined information to an integer x_pusing a text-to-number conversion scheme;
      
      encrypting x_pto produce cipher C=x_p^emod n; and
      
      submitting the first user identification and cipher of the first set of predefined information to server computer.
  - 5. The method of claim 4 further comprisingdecrypting cipher C to number x_p, by x_p=C^dmod n on the server computer;
    - converting the number x_pback to the padded first set of predefined information by reverse conversion and subsequently obtaining the first set of predefined information by removing padding.
  - 6. The method of claim 1 whereinthe first set of predefined information includes a password.
  - 7. The method of claim 6 further comprisingencrypting a second set of undefined information with a public key generated using the password once a user logs into a web application.
  - 8. The method of claim 6 further comprisingusing the password as a digital certificate of a user and digitally signing messages using a public key generated from the password.
  - 9. The method of claim 6 further comprisingdecrypting messages from the server computer to the client computer using the public key generated from the password in order to secure information in both directions.
  - 10. The method of claim 6 further comprisingencrypting message digest by using the public key generated from the password.
  - 11. The method of claim 1 whereinthe first set of predefined information includes a pass phrase or credit card information or any individual identity information.
  - 12. The method of claim 1 whereinthe steps of claim 1 are implemented using a layer underlying communication between the client computer and the server computer.
  - 13. The method of claim 12 whereinthe layer includes a web browser.
  - 14. The method of claim 12 whereinthe layer includes a web page.
  - 15. The method of claim 1 whereinthe server computer is comprised of a plurality of computers.
  - 16. The method of claim 1 whereinthe public key exponent e is computed from the equation e=ix±
    - 1, wherein i is any even number that can be changed from user to user.
  - 17. The method of claim 1 further comprisingentering the first user identification and the first set of predefined information in a single web page on a first user computer;
    - submitting the first user identification from the first user computer to the server computer, without the first set of predefined information; and
      
      subsequently receiving the first key modulus n at the first user computer, from the server computer, and then submitting the cipher of first set of predefined information from the first user computer to the server computer.
  - 18. The method of claim 1 further comprisingentering the first user identification in a first web page on a first user computer;
    - submitting the first user identification from the first user computer to the server computer, without the first set of predefined information;
      
      subsequently receiving the first key modulus n at the first user computer, from the server computer;
      
      entering the first set of predefined information in a second web page on the first user computer after the first key modulus n has been received at the first user computer;
      
      and submitting a cipher of the first set of predefined information to the server computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cheman Shaik
Original Assignee
Cheman Shaik
Inventors
Shaik, Cheman
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US12/170,506
Time in Patent Office

285 Days
Field of Search

713/183, 713/184, 726/5, 380/30, 380/282
US Class Current

380/30
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 9/002   Countermeasures against att...

H04L 9/0844   with user authentication or...

H04L 9/302   involving the integer facto...

Password self encryption method and system and encryption by keys generated from personal secret information

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

108 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Password self encryption method and system and encryption by keys generated from personal secret information

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others