Password self encryption method and system and encryption by keys generated from personal secret information

US 8,831,214 B2
Filed: 03/12/2009
Issued: 09/09/2014
Est. Priority Date: 05/29/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprisingusing a server computer to select a first original text password of a first user from a plurality of original text passwords for a plurality of corresponding users stored in a web application'"'"'s user table in a computer server database;

using the server computer to generate a first key based at least in part on the first original text password;

storing the first key against the first original text password in the web application'"'"'s user table in the computer server database;

receiving at the server computer an identification of the first user; and

using the server computer to retrieve from the web application'"'"'s user table the first key based on the identification of the first user;

sending the first key, from the server computer to a first client computer;

encrypting a first set of information by use of the first client computer by using the first key to form a first set of encrypted information; and

sending the first set of encrypted information from the first client computer to the server computer.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A public key cryptographic system and method is provided for a password or any other predefined personal secret information that defeats key factoring and spoofing attacks. The method adopts a new technique of encrypting a password or any predefined secret information by a numeric function of itself, replacing the fixed public key of the conventional RSA encryption. The whole process involving key generation, encryption, decryption and password handling is discussed in detail. Mathematical and cryptanalytical proofs of defeating factoring and spoofing attacks are furnished.

Citations

17 Claims

1. A method comprisingusing a server computer to select a first original text password of a first user from a plurality of original text passwords for a plurality of corresponding users stored in a web application'"'"'s user table in a computer server database;
- using the server computer to generate a first key based at least in part on the first original text password;
  
  storing the first key against the first original text password in the web application'"'"'s user table in the computer server database;
  
  receiving at the server computer an identification of the first user; and
  
  using the server computer to retrieve from the web application'"'"'s user table the first key based on the identification of the first user;
  
  sending the first key, from the server computer to a first client computer;
  
  encrypting a first set of information by use of the first client computer by using the first key to form a first set of encrypted information; and
  
  sending the first set of encrypted information from the first client computer to the server computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1 further comprisingusing the first original text password as a digital certificate of the first user and digitally signing messages using a public key generated from the first original text password.
  - 3. The method of claim 2 further comprisingverifying a digital signature of the first user by using a private key generated from the first original text password.
  - 4. The method of claim 1 whereinthe step of encrypting information by using the first key is implemented using a layer underlying communication between the client computer which is used as the sender and the server computer.
  - 5. The method of claim 4 whereinthe layer includes a web browser.
  - 6. The method of claim 4 whereinthe layer includes a web page.
  - 7. The method of claim 1 further comprisingdecrypting messages from the server computer to the client computer using a public key generated from the first original text password in order to secure information communicated both from the server computer to the client computer and from the client computer to the server computer.
  - 8. The method of claim 1 further comprisingencrypting a message digest by using a public key generated from the first original text password.
  - 9. The method of claim 8 further comprisingdecrypting the encrypted message digest by using a private key generated from the first original text password.
  - 10. The method of claim 1 whereinthe server computer is comprised of a plurality of computers.
  - 11. The method of claim 1 further whereinthe server computer retrieves from the web application'"'"'s user table the first key based only on the identification of the first user.
  - 12. The method of claim 1 further whereinthe server computer retrieves from the web application'"'"'s user table the first key without using any password of the first user.
  - 13. The method of claim 1 further comprisingusing the server computer to select a second original text password of a second user from the plurality of original text passwords for the plurality of corresponding users stored in the web application'"'"'s user table in the computer server database;
    - using the server computer to generate a second key based at least in part on the second original text password;
      
      storing the second key against the second original text password in the web application'"'"'s user table in the computer server database;
      
      receiving at the server computer an identification of the second user; and
      
      using the server computer to retrieve from the web application'"'"'s user table the second key based on the identification of the second user;
      
      sending the second key, from the server computer to a second client computer;
      
      encrypting a second set of information by use of the second client computer by using the second key to form a second set of encrypted information; and
      
      sending the second set of encrypted information from the second client computer to the server computer.
  - 14. The method of claim 13 whereinthe server computer retrieves from the web application'"'"'s user table the first key based only on the identification of the first user.
  - 15. The method of claim 13 further whereinthe server computer retrieves from the web application'"'"'s user table the first key without using any password of the first user.
  - 16. The method of claim 13 further comprisingusing the server computer to decrypt the first set of encrypted information by using the first key;
    - andusing the server computer to decrypt the second set of encrypted information by using the second key.
  - 17. The method of claim 1 further comprisingusing the server computer to decrypt the first set of encrypted information by using the first key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cheman Shaik
Original Assignee
Cheman Shaik
Inventors
Shaik, Cheman
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US12/402,786
Publication Number

US 20090296927A1
Time in Patent Office

2,007 Days
Field of Search

380/44, 380/28, 380/29, 380/30, 380/282, 380/286, 713/176, 713/184, 713/183, 726/5
US Class Current

380/44
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 9/002   Countermeasures against att...

H04L 9/0844   with user authentication or...

H04L 9/302   involving the integer facto...

Password self encryption method and system and encryption by keys generated from personal secret information

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Password self encryption method and system and encryption by keys generated from personal secret information

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links