Method of and system for encryption and authentication
First Claim
1. A method of secured communication over a networked system comprising:
a first party:
splitting, using at least one processor, a secure data message into two or more separate messages, said secure data message including a request for access to data held by a second party and said secure data message including an encrypted message, each separate message encrypted with a different key and including at least some unique portion of said secure data message, said two or more separate messages collectively preserving information contained in said secure data message; and
transmitting each of said two or more separate messages to a separate gatekeeper;
each of said separate gatekeepers:
receiving a respective one of said separate messages;
receiving a partial data set from said second party;
securely processing the one of said separate messages by comparing the one of said separate messages to the partial data set, securely processing the one of said separate messages including separately protecting and storing the one of said separate messages;
generating a pass code responsive to comparing the one of said separate messages to the partial data set; and
transmitting the one of said separate messages and the pass code to the second party;
said second party:
receiving the one of said separate messages and the pass code from each of said separate gatekeepers;
generating an authentication code;
splitting up said authentication code into two or more parts;
separately encrypting said two or more parts;
transmitting said two or more parts to separate gateways configured to forward the encrypted parts to a user so that they are re-assembled and decrypted; and
re-assembling each of the one of said separate messages.
Abstract
The invention provides a method of and system for networked security, involving multiple clients and servers. Rather than relying on single-server-based authentication and/or single-stream-based data transmission, the invention breaks apart information before it leaves the User's computer so that intercepting any single electronic message does not provide the hacker with sufficient information to gain access. The invention splits the values (i.e. password, User name, card number for authorization; encrypted text for encryption, etc.) at the point of sender/external authorization client. These split values are encrypted with different keys and transmitted to multiple external authorization servers. The invention can be applied to any secure transmission, storage or authentication of data over a data network.
19 Claims
1. A method of secured communication over a networked system comprising:
a first party:
splitting, using at least one processor, a secure data message into two or more separate messages, said secure data message including a request for access to data held by a second party and said secure data message including an encrypted message, each separate message encrypted with a different key and including at least some unique portion of said secure data message, said two or more separate messages collectively preserving information contained in said secure data message; and
transmitting each of said two or more separate messages to a separate gatekeeper;
each of said separate gatekeepers:
receiving a respective one of said separate messages;
receiving a partial data set from said second party;
securely processing the one of said separate messages by comparing the one of said separate messages to the partial data set, securely processing the one of said separate messages including separately protecting and storing the one of said separate messages;
generating a pass code responsive to comparing the one of said separate messages to the partial data set; and
transmitting the one of said separate messages and the pass code to the second party;
said second party:
receiving the one of said separate messages and the pass code from each of said separate gatekeepers;
generating an authentication code;
splitting up said authentication code into two or more parts;
separately encrypting said two or more parts;
transmitting said two or more parts to separate gateways configured to forward the encrypted parts to a user so that they are re-assembled and decrypted; and
re-assembling each of the one of said separate messages.
Dependent claims: 2 to 17.

18. A method of authentication comprising:
generating identification data for a user;
dividing, using at least one processor, said identification data into two or more separate sets, each of the separate sets encrypted with a different key and including at least some unique portion of the identification data, the separate sets collectively including information contained in said identification data;
protecting each of said two or more separate sets; and
transmitting each of said two or more separate protected sets of data to two or more intermediate servers;
said two or more intermediate servers:
receiving a partial set of data from an authentication server;
comparing the two or more separate protected sets of data to the partial set of data and storing the two or more separate protected sets of data;
generating a pass code responsive to comparing the two or more separate protected sets of data to the partial set of data; and
forwarding said two or more separate protected sets of data and the pass code to the authentication server;
said authentication server:
generating an authentication code;
splitting up said authentication code into two or more parts;
separately encrypting said two or more parts;
transmitting said two or more parts to separate gateways configured to forward the encrypted parts to a user for reassembly and decryption; and
re-assembling the two or more separate protected sets of data and determining whether access should be granted to said user.

19. A system for secured communication comprising:
a first computer device operable to:
split a secure data message into two or more separate messages, said secure data message including a request for access to data of a second device and said secure data message including an encrypted message, each separate message encrypted with a different key and including at least some unique portion of said secure data message, and said two or more separate messages collectively preserving information contained in said secure data message; and
transmit each of said two or more separate messages to a separate gatekeeper;
each of said separate gatekeepers having a processor operable to:
receive a respective one of said separate messages;
receive a partial data set from the second device;
securely process the one of said separate messages by comparing the one of said separate messages to the partial data set and by separately protecting and storing the one of said separate messages;
generate a pass code responsive to the comparison of the one of said separate messages to the partial data set; and
transmit the one of said separate messages and the pass code to the second device;
said second computer device being operable to:
receive the one of said separate messages and the pass code from each of said separate gatekeepers;
generate an authentication code;
split up said authentication code into two or more parts;
separately encrypt said two or more parts;
transmit said two or more parts to separate gateways configured to forward the encrypted parts to a user so that they are re-assembled and decrypted;
re-assemble each of the one of said separate messages;
said first device, second device and separate gatekeepers interconnected via a communication network.
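The flow set out in the abstract and in claims 1, 18 and 19, as an added Python example that is not part of the patent or of this page: the first party splits a credential into parts that each carry a unique portion, encrypts each part under a different pre-shared key and sends it to its own gatekeeper; each gatekeeper compares its part with the partial data set the second party provisioned, issues a pass code, re-protects and stores the part and forwards both; the second party checks the pass codes, re-assembles the request, then splits a fresh authentication code, encrypts each piece for a different gateway path, and the user re-assembles it. Everything concrete here is an assumption of the example rather than something the claims specify: the round-robin split, the HMAC-SHA256 counter-mode stand-in cipher, the salted-hash form of the "partial data set", the pre-shared keys, and the names `Gatekeeper`, `AuthServer` and `run_flow`.

```python
"""Split-credential authentication flow modelled on the claims above (illustrative)."""
from __future__ import annotations
import hashlib
import hmac
import secrets

NUM_PARTS = 3  # one gatekeeper and one gateway path per part (assumption)


def split_message(data: bytes, n: int) -> list[bytes]:
    """Round-robin split: part i holds bytes i, i+n, i+2n, ... so every part
    carries a unique portion and the parts together preserve the whole."""
    return [data[i::n] for i in range(n)]


def reassemble(parts: list[bytes]) -> bytes:
    out = bytearray(sum(len(p) for p in parts))
    for i, p in enumerate(parts):
        out[i::len(parts)] = p
    return bytes(out)


def _subkeys(key: bytes) -> tuple[bytes, bytes]:
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                   for i in range((length + 31) // 32))
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Per-part encryption under its own key: HMAC-SHA256 counter-mode keystream
    plus an encrypt-then-MAC tag. A stdlib stand-in for a real AEAD such as AES-GCM."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def decrypt(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("tag mismatch: altered ciphertext or wrong key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


class Gatekeeper:
    """Holds a key shared with the user, a key shared with the second party, and the
    partial data set (salt, hash of this gatekeeper's part) that party provisioned."""
    def __init__(self, user_key: bytes, server_key: bytes, partial: tuple[bytes, bytes]):
        self.user_key, self.server_key, self.partial = user_key, server_key, partial

    def process(self, blob: bytes):
        part = decrypt(self.user_key, blob)
        salt, digest = self.partial
        if not hmac.compare_digest(hashlib.sha256(salt + part).digest(), digest):
            return None                                  # comparison failed: no pass code
        pass_code = hmac.new(self.server_key, b"pass" + part, hashlib.sha256).digest()
        self.stored = encrypt(self.server_key, part)     # separately protect and store
        return self.stored, pass_code


class AuthServer:
    """Second party: provisions the gatekeepers and issues a split authentication code."""
    def __init__(self, enrolled_credential: bytes):
        self.gk_keys = [secrets.token_bytes(32) for _ in range(NUM_PARTS)]
        self.gateway_keys = [secrets.token_bytes(32) for _ in range(NUM_PARTS)]
        salt = secrets.token_bytes(16)
        self.partials = [(salt, hashlib.sha256(salt + p).digest())
                         for p in split_message(enrolled_credential, NUM_PARTS)]

    def handle(self, forwarded: list):
        parts = []
        for key, item in zip(self.gk_keys, forwarded):
            if item is None:
                return None                              # a gatekeeper rejected its part
            blob, pass_code = item
            part = decrypt(key, blob)
            if not hmac.compare_digest(hmac.new(key, b"pass" + part, hashlib.sha256).digest(), pass_code):
                return None
            parts.append(part)
        self.request = reassemble(parts)
        self.auth_code = secrets.token_bytes(24)
        # split the authentication code and encrypt each piece for a different gateway path
        return [encrypt(k, p) for k, p in zip(self.gateway_keys, split_message(self.auth_code, NUM_PARTS))]


def run_flow(enrolled: bytes, presented: bytes):
    """Run one authentication; returns (code recovered by the user, code issued by the
    server), or (None, None) when any gatekeeper or the server rejects the request."""
    server = AuthServer(enrolled)
    user_keys = [secrets.token_bytes(32) for _ in range(NUM_PARTS)]   # user <-> gatekeeper i
    gatekeepers = [Gatekeeper(uk, sk, pd) for uk, sk, pd in zip(user_keys, server.gk_keys, server.partials)]
    # first party: split the request and send each encrypted part to its own gatekeeper
    outbound = [encrypt(k, p) for k, p in zip(user_keys, split_message(presented, NUM_PARTS))]
    reply = server.handle([gk.process(blob) for gk, blob in zip(gatekeepers, outbound)])
    if reply is None:
        return None, None
    # gateways only forward; the user decrypts each piece and reassembles the code
    return reassemble([decrypt(k, b) for k, b in zip(server.gateway_keys, reply)]), server.auth_code
```

Two caveats a practitioner would weigh before building on this pattern. A deterministic split such as the round-robin one above means each intercepted message still discloses a fixed subset of the credential's bytes, and a gatekeeper that holds a per-part verifier can be used to brute-force just that part, so the split shortens the search for an attacker who reaches a single gatekeeper rather than eliminating it. An XOR-style secret sharing would make every single part uninformative on its own, but then the per-part comparison that the claims place at the gatekeeper is no longer possible, since a fresh random share cannot be matched against a stored value. The HMAC-based cipher is only there to keep the example self-contained; in a real deployment use an established AEAD with a proper key-distribution story for the per-part keys.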
Specification