Mitigating dictionary attacks on password-protected local storage
Abstract
The invention includes a method for key creation and recovery based on solutions to puzzles solvable by humans and not computers. In some exemplary embodiments, the key is created and recovered based on the solution(s) in conjunction with the password entered by the user. The puzzle(s) are selected, based on the password used by the user, from a puzzle database containing more puzzles than are used in conjunction with a particular password.
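A minimal sketch of the flow the abstract and claims describe (password expanded into puzzle indices, solutions collected, key derived from password and solutions), added here as an illustration and not code from the patent. PBKDF2 and HMAC-SHA256, the salt, the iteration count, the constructed puzzle database and the `solve` callback are all assumptions.

```python
import hashlib
import hmac

ITERATIONS = 50_000  # assumed work factor, not taken from the patent

def puzzle_indices(password: str, salt: bytes, db_size: int, count: int = 4) -> list[int]:
    """Expand a password into `count` distinct indices into the puzzle database."""
    if count > db_size:
        raise ValueError("puzzle database smaller than the number of puzzles requested")
    seed = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    indices, counter = [], 0
    while len(indices) < count:
        block = hmac.new(seed, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        idx = int.from_bytes(block[:8], "big") % db_size
        if idx not in indices:  # skip repeats so each puzzle is used once
            indices.append(idx)
        counter += 1
    return indices

def derive_key(password: str, salt: bytes, puzzle_db: list[str], solve) -> bytes:
    """Select puzzles from the password, collect solutions, derive a 32-byte key."""
    chosen = puzzle_indices(password, salt, len(puzzle_db))
    fields = [password] + [solve(puzzle_db[i]) for i in chosen]
    material = hashlib.sha256()
    for field in fields:
        data = field.encode()
        # A length prefix keeps the boundaries between fields unambiguous.
        material.update(len(data).to_bytes(4, "big") + data)
    # Only the derived key is returned; the solutions are not stored anywhere.
    return hashlib.pbkdf2_hmac("sha256", material.digest(), salt, ITERATIONS)

# Constructed stand-ins: a 1000-entry puzzle database and a "human" solver callback.
PUZZLE_DB = [f"puzzle-{n}" for n in range(1000)]

def human(puzzle: str) -> str:
    return "answer-to-" + puzzle

if __name__ == "__main__":
    salt = b"constructed-salt"
    print(puzzle_indices("correct horse", salt, len(PUZZLE_DB)))
    # A wrong password guess selects a different set of puzzles to be solved.
    print(puzzle_indices("correct hors3", salt, len(PUZZLE_DB)))
    print(derive_key("correct horse", salt, PUZZLE_DB, human).hex())
```

Because each password guess maps to its own set of puzzles, an offline dictionary attack needs human-solved puzzles for every candidate password before the resulting key can be tested.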
19 Claims
1. A method comprising:
- receiving on a computer a password from a user;
- selecting at least one puzzle from a puzzle database based on the received password;
- for each selected puzzle
  - providing the puzzle to the user on a computer, and
  - receiving a solution for the puzzle from the user on a computer; and
- generating a key on a computer based at least on the entirety of at least one solution, wherein said key is a cryptographic key.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A method comprising:
- receiving on a computer a password from a user;
- selecting on a computer at least four puzzles indexed with the password from a puzzle database having puzzles solvable by a human and not solvable by a non-human entity;
- for each selected puzzle
  - providing the puzzle to the user, and
  - receiving on a computer a solution for the puzzle from the user;
- generating on a computer a key based on at least the received solutions; and
- using the key to encrypt files on a computer, wherein retrieving includes expanding the received password into indices to provide the index to puzzles in the puzzle database.

Dependent claims: 15
16. A computer program product comprising a non-transitory computer useable medium, including a computer readable program, wherein the computer readable program when executed on a computer causes the computer to:
generate a key including receive a password from a user, compute indices based on the received password, select at least one puzzle from a puzzle database based on the computed indices, for each selected puzzle, query the user for a solution, compute a cryptographic key based on the received at least one solution and the received password, and discard the solutions.
17. A method comprising:
- receiving on a computer information including a password from a user;
- generating one or more puzzles on a computer based on at least some of the received information;
- for each generated puzzle
  - providing the puzzle to the user on a computer, and
  - receiving on a computer a solution for the puzzle from the user; and
- generating on a computer a cryptographic key based at least on the entirety of at least one solution.

Dependent claims: 18, 19
Specification