Password protection
First Claim
Patent Images
1. A method comprising:
- concatenating a password with other data;
generating a value based on the concatenated password and the other data;
forming a first asymmetric key pair having a security level by performing a key generation computation on the value, the security level determined by the number of bits of a cryptography algorithm used to perform the key generation computation;
formulating a self-signing pseudo public key certificate that includes the first asymmetric key pair, the self-signing pseudo public key certificate having a Public Key Infrastructure (PKI) format and is not issued by a PKI central certificate server;
exporting the self signing pseudo public key certificate to an external device; and
responsive to an authentication session, forming a second asymmetric key pair by performing a key generation computation as part of a digital signature logon process wherein the process relies at least in part on the self-signing pseudo public key certificate as exported to the external device.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for password protection are described. In one aspect, an asymmetric key pair is deterministically formed by combining a password and other data. The public key of the asymmetric key pair is exported to an external device. The private key of the asymmetric key pair is used to effect subsequent authentications to the external device.
-
Citations
24 Claims
-
1. A method comprising:
-
concatenating a password with other data; generating a value based on the concatenated password and the other data; forming a first asymmetric key pair having a security level by performing a key generation computation on the value, the security level determined by the number of bits of a cryptography algorithm used to perform the key generation computation; formulating a self-signing pseudo public key certificate that includes the first asymmetric key pair, the self-signing pseudo public key certificate having a Public Key Infrastructure (PKI) format and is not issued by a PKI central certificate server; exporting the self signing pseudo public key certificate to an external device; and responsive to an authentication session, forming a second asymmetric key pair by performing a key generation computation as part of a digital signature logon process wherein the process relies at least in part on the self-signing pseudo public key certificate as exported to the external device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-readable storage medium comprising computer-program stored data representing instructions executable by a processor for:
-
concatenating a password with other data; generating a value based on the concatenated password and the other data; forming a first asymmetric key pair having a security level by performing a key generation commutation on the value, the security level being determined by the number of bits of a cryptography algorithm used to perform the key generation computation; formulating a self-signing pseudo public key certificate based on that includes the first asymmetric key pair, the self-signing pseudo public key certificate having a Public Key Infrastructure (PKI) format and is not issued by a PKI central certificate server; exporting the self-signing pseudo public key certificate of the first asymmetric key pair to an external device; and responsive to an authentication session, forming a second asymmetric key pair by performing a key generation computation as part of a digital signature logon process wherein the process relies at least in part on the self-signing pseudo public key certificate as exported to the external device. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computing device comprising:
-
a processor; and a memory coupled to the processor, the memory comprising computer-program instructions executable by the processor for; concatenating a password with other data; generating a value based on the concatenated password and the other data; forming a first asymmetric key pair having a security level by performing a key generation computation on the value, the security level being determined by the number of bits of a cryptography algorithm used to perform the key generation computation; formulating a self-signing pseudo public key certificate that includes the first asymmetric key pair, the self-signing pseudo public key certificate having a Public Key Infrastructure (PKI) format and is not issued by a PKI central certificate server; exporting the self-signing pseudo public key certificate of the first asymmetric key pair to an external device; and responsive to an authentication session, forming a second asymmetric key pair by performing a key generation computation as part of a digital signature logon process wherein the process relies at least in part on the self-signing pseudo public key certificate as exported to the external device. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
-
Specification