Multi-factor authentication using quantum communication
First Claim
1. A method of multi-factor authentication that uses quantum communication with a computer system that implements a trusted authority, the method comprising, with a user device:
- receiving, from the trusted authority, measuring bases specifying polarization bases that the trusted authority used to measure quantum signals received from the user device in a quantum communication session between the user device and the trusted authority, wherein the measuring bases have been obscured by device factor information associated with the user device and user factor information, wherein the device factor information is information for a hash function and the user factor information is a user password;
recovering the measuring bases using the device factor information and the user factor information; and
deriving secret bits that are shared between the user device and the trusted authority using the recovered measuring bases.
2 Assignments
0 Petitions
Accused Products
Abstract
Multi-factor authentication using quantum communication (“QC”) includes stages for enrollment and identification. For example, a user enrolls for multi-factor authentication that uses QC with a trusted authority. The trusted authority transmits device factor information associated with a user device (such as a hash function) and user factor information associated with the user (such as an encrypted version of a user password). The user device receives and stores the device factor information and user factor information. For multi-factor authentication that uses QC, the user device retrieves its stored device factor information and user factor information, then transmits the user factor information to the trusted authority, which also retrieves its stored device factor information. The user device and trusted authority use the device factor information and user factor information (more specifically, information such as a user password that is the basis of the user factor information) in multi-factor authentication that uses QC.
-
Citations
10 Claims
-
1. A method of multi-factor authentication that uses quantum communication with a computer system that implements a trusted authority, the method comprising, with a user device:
-
receiving, from the trusted authority, measuring bases specifying polarization bases that the trusted authority used to measure quantum signals received from the user device in a quantum communication session between the user device and the trusted authority, wherein the measuring bases have been obscured by device factor information associated with the user device and user factor information, wherein the device factor information is information for a hash function and the user factor information is a user password; recovering the measuring bases using the device factor information and the user factor information; and deriving secret bits that are shared between the user device and the trusted authority using the recovered measuring bases. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer system that implements a trusted authority, wherein the computer system is adapted to perform a method of multi-factor authentication that uses quantum communication, the computer system comprising:
-
at least one communication connection configured to receive, from a user device, user factor information associated with a user; at least one memory; and at least one processing unit configured to; retrieve, from the memory of the computer system, device factor information associated with the user device, wherein the device factor information is information for a hash function; apply the hash function to a user password derived from the user factor information; obscure, based on the device factor information and the user factor information, measuring bases specifying polarization bases that the computer system used to measure quantum signals received from the user device in a quantum communication session with the user device, wherein the measuring bases are obscured based on results of applying the hash function to the user password; send the obscured measuring bases to the user device; and derive secret bits that are shared between the computer system and the user device using the measuring bases, wherein the secret bits are derived based on a received indication of which of the measuring bases match sending bases for the quantum communication session. - View Dependent Claims (7, 8, 9, 10)
-
Specification