Protecting passwords and biometrics against back-end security breaches
First Claim
1. A multifactor authentication method for authenticating a user of an application while mitigating back-end security breaches, the application comprising an application front-end running on a computing device and an application back-end running on a server, the server being part of a back-end subsystem, the back-end subsystem comprising a back-end storage medium, the method comprising:
during a registration phase, the application front-end sending to the application back-end one or more registration-phase bearer tokens;
during the registration phase, the application back-end computing a registration-phase tag derived from a registration-phase joint hash of a public key and the one or more registration-phase bearer tokens, the public key being a component of a key pair pertaining to an asymmetric cryptosystem, the public key being treated by the application as a secret shared between the application front-end and the application back-end, wherein the public key is never communicated by the application front-end or the application back-end to any third party;
during the registration phase, the application back-end storing the registration-phase tag in the back-end storage medium;
during the registration phase, the application back-end deleting the public key and the one or more registration-phase bearer tokens from the back-end subsystem after computing the registration-phase tag;
during an authentication phase, the application front-end sending to the application back-end the public key and one or more authentication-phase bearer tokens;
during the authentication phase, the application front-end proving to the application back-end knowledge of a private key associated with the public key, the private key being a component of the key pair;
during the authentication phase, the application back-end computing an authentication-phase tag derived from an authentication-phase joint hash of the public key and the one or more authentication-phase bearer tokens;
during the authentication phase, the application back-end deleting the public key and the one or more authentication-phase bearer tokens from the back-end subsystem after computing the authentication-phase tag; and
during the authentication phase, the application back-end verifying that the authentication-phase tag is equal to the registration-phase tag.
Abstract
A method and system are provided for authenticating a user to an application back-end using a key pair and one or more bearer tokens such as a password, a biometric code, or a biometric key, while protecting the bearer tokens against back-end security breaches. In one embodiment, an application front-end authenticates the user by sending the bearer tokens and a public key to the application back-end, and demonstrating knowledge of a private key. The application back-end compares an authentication-phase tag derived from a joint hash of the public key and the bearer tokens against a registration-phase tag stored in a device record within a back-end database. The public key is not stored in the database, thereby depriving an adversary who breaches back-end security of information needed to test guesses of the bearer tokens.
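The registration and authentication flow summarized in the abstract, as an added Python sketch that is not part of the patent text. Assumptions: SHA-256 with length-prefixed fields as the joint hash, a nonce-based challenge for the proof of private-key knowledge, and a toy Schnorr signature over a small group as a standard-library stand-in for a real signature scheme; all function and class names are hypothetical.

```python
import hashlib, hmac, secrets

# Toy Schnorr group (assumption, demo only, NOT secure): a deployment would
# use a standard signature scheme for the proof of private-key knowledge.
P = 2**127 - 1            # Mersenne prime; exponents are reduced mod P - 1
G = 3

def keygen():
    x = secrets.randbelow(P - 2) + 1              # private key, front-end only
    return x, pow(G, x, P)                        # (private, public)

def _challenge(r, pub, nonce):
    data = b"|".join(str(v).encode() for v in (r, pub)) + b"|" + nonce
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def prove(x, pub, nonce):
    """Front-end: sign the back-end's nonce to prove knowledge of x."""
    k = secrets.randbelow(P - 2) + 1
    r = pow(G, k, P)
    return r, (k + _challenge(r, pub, nonce) * x) % (P - 1)

def verify_proof(pub, nonce, proof):
    r, s = proof
    return pow(G, s, P) == r * pow(pub, _challenge(r, pub, nonce), P) % P

def joint_tag(pub, tokens):
    """Joint hash of the public key and the bearer tokens."""
    h = hashlib.sha256()
    for part in [str(pub).encode(), *tokens]:
        h.update(len(part).to_bytes(4, "big") + part)   # unambiguous framing
    return h.digest()

class BackEnd:
    def __init__(self):
        self.records = {}                         # device_id -> tag only

    def register(self, device_id, pub, tokens):
        self.records[device_id] = joint_tag(pub, tokens)
        # Neither pub nor tokens is persisted: the record holds only the tag.

    def authenticate(self, device_id, pub, tokens, nonce, proof):
        tag = self.records.get(device_id)
        if tag is None or not verify_proof(pub, nonce, proof):
            return False
        # Recompute the tag from what the front-end just sent and compare.
        return hmac.compare_digest(tag, joint_tag(pub, tokens))
```

A copy of `records` alone gives an adversary no way to test a password guess, because every candidate tag also requires the public key, which exists only on the user's device.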
18 Claims
10. A system for authenticating a user while mitigating back-end security breaches, comprising:
a computing device;
a network;
a server connected to the computing device by the network, the server being part of a back-end subsystem, the back-end subsystem comprising a back-end storage; and
an application comprising an application front-end running on the computing device and an application back-end running on the server, wherein the application front-end and the application back-end jointly perform a method of authenticating a user of the application, the method comprising;
during a registration phase, the application front-end sending to the application back-end one or more registration-phase bearer tokens;
during the registration phase, the application back-end computing a registration-phase tag derived from a registration-phase joint hash of a public key and the one or more registration-phase bearer tokens, the public key being a component of a key pair pertaining to an asymmetric cryptosystem, the public key being treated by the application as a secret shared between the application front-end and the application back-end, wherein the public key is never communicated by the application front-end or the application back-end to any third party;
during the registration phase, the application back-end storing the registration-phase tag in the back-end storage medium;
during the registration phase, the application back-end deleting the public key and the one or more registration-phase bearer tokens from the back-end subsystem after computing the registration-phase tag;
during an authentication phase, the application front-end sending to the application back-end the public key and one or more authentication-phase bearer tokens;
during the authentication phase, the application front-end proving to the application back-end knowledge of a private key associated with the public key, the private key being a component of the key pair;
during the authentication phase, the application back-end computing an authentication-phase tag derived from an authentication-phase joint hash of the public key and the one or more authentication-phase bearer tokens;
during the authentication phase, the application back-end deleting the public key and the one or more authentication-phase bearer tokens from the back-end subsystem after computing the authentication-phase tag; and
during the authentication phase, the application back-end verifying that the authentication-phase tag is equal to the registration-phase tag.
Specification