Password self encryption method and system and encryption by keys generated from personal secret information
First Claim
1. A method comprisingusing a server computer to select a first original text password of a first user from a plurality of original text passwords for a plurality of corresponding users stored in a web application'"'"'s user table in a computer server database;
- using the server computer to generate a first key based at least in part on the first original text password;
storing the first key against the first original text password in the web application'"'"'s user table in the computer server database;
receiving at the server computer an identification of the first user; and
using the server computer to retrieve from the web application'"'"'s user table the first key based on the identification of the first user;
sending the first key, from the server computer to a first client computer;
encrypting a first set of information by use of the first client computer by using the first key to form a first set of encrypted information; and
sending the first set of encrypted information from the first client computer to the server computer.
3 Assignments
0 Petitions
Accused Products
Abstract
A public key cryptographic system and method is provided for a password or any other predefined personal secret information that defeats key factoring and spoofing attacks. The method adopts a new technique of encrypting a password or any predefined secret information by a numeric function of itself, replacing the fixed public key of the conventional RSA encryption. The whole process involving key generation, encryption, decryption and password handling is discussed in detail. Mathematical and cryptanalytical proofs of defeating factoring and spoofing attacks are furnished.
-
Citations
17 Claims
-
1. A method comprising
using a server computer to select a first original text password of a first user from a plurality of original text passwords for a plurality of corresponding users stored in a web application'"'"'s user table in a computer server database; -
using the server computer to generate a first key based at least in part on the first original text password; storing the first key against the first original text password in the web application'"'"'s user table in the computer server database; receiving at the server computer an identification of the first user; and using the server computer to retrieve from the web application'"'"'s user table the first key based on the identification of the first user; sending the first key, from the server computer to a first client computer; encrypting a first set of information by use of the first client computer by using the first key to form a first set of encrypted information; and sending the first set of encrypted information from the first client computer to the server computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
Specification