Rollback protection for login security policy
Abstract
In one embodiment, an encryption system may protect user login metadata from hammering attacks. A data storage 140 may store an integrity protected data set 602 for an operating system in a storage location. A processor 120 may register a counter reading from a remote counter 202 in a secure location 204 separate from the storage location. The processor 120 may determine a lockout state of the integrity protected data set 602 based on the counter reading.
19 Claims
1. A machine-implemented method, comprising:
storing, in a storage location in a data storage of a computing device, an encrypted user login metadata set containing state data used to enforce a login policy for the computing device;
registering a counter reading from a remote counter of login attempts in the encrypted user login metadata set, the remote counter stored in a secure location separate from the storage location, wherein the encrypted user login metadata includes a version number based on the counter reading;
determining a lockout state of the encrypted user login metadata set by detecting tampering with the user login metadata set based on a comparison of the counter reading and the version number; and
encrypting the encrypted user login metadata with a second level of encryption in response to determining the lockout state by detecting tampering with the user login metadata set.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A non-transitory computer-readable medium storing instructions, that when executed by one or more processors, cause the one or more processors to perform a method, comprising:
storing, in a storage location in a computing device, an encrypted user login metadata set containing state data used to enforce a login policy for the computing device;
protecting the encrypted user login metadata set using a protected module having hardware anti-hammering protections built in to protect against attempts to unseal protected data;
registering a counter reading from a remote counter of login attempts in the encrypted user login metadata set, the remote counter stored in a secure location separate from the storage location, wherein the encrypted user login metadata includes a version number based on the counter reading;
determining a lockout state of the encrypted user login metadata set by detecting a rollback attack using the protected module based on a comparison of the counter reading and the version number; and
encrypting the encrypted user login metadata with a second level of encryption in response to determining the lockout state by detecting tampering with the user login metadata set.
Dependent claims: 11, 12, 13, 14, 15, 16.
17. A computing device, comprising:
a protected hardware module having hardware anti-hammering protections built in to protect against attempts to unseal protected data, configured to execute a protected monotonic counter of login attempts;
a hardware data storage configured to store an integrity protected data set having a version number created from a monotonic counter reading from the protected monotonic counter, wherein the monotonic counter reading is stored in a secure location separate from the hardware data storage; and
a hardware processor configured to execute:
a lockout application programming interface to determine a lockout state by detecting a rollback attack based in part on a comparison of the version number to a lockout counter reading of the protected monotonic counter, and
a lockout driver to adjust the lockout state of the integrity protected data set from unlocked to locked in response to determining the lockout state by detecting tampering with the integrity protected data set by applying a second level of encryption to the integrity protected data set.
Dependent claims: 18, 19.
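The claims above describe one mechanism: every write of the login metadata set is stamped with the reading of a monotonic counter kept outside the ordinary storage location, so a stale copy of the metadata (restored to erase failed-attempt counts) carries a version number that no longer matches the counter, and the mismatch moves the set into the locked state and wraps it in a second layer of encryption. The following Python is an added illustration of that flow, not code from the patent or its assignee. `SecureCounter` stands in for a hardware monotonic counter (for example a TPM NV counter, which is assumed and not modelled), the HMAC-SHA256 sealing and the SHA-256 keystream used as the "second level of encryption" are constructed stand-ins for whatever the real system uses, and all class, function and key names are hypothetical.

```python
"""Rollback detection for login-policy metadata (constructed example).

The monotonic counter lives in a "secure location" separate from the metadata
store; the metadata record carries the counter reading as its version number.
"""
import hashlib
import hmac
import json
from dataclasses import dataclass

MAX_FAILED_ATTEMPTS = 5  # login policy enforced by the metadata set (assumed value)


class SecureCounter:
    """Monotonic counter of login attempts; stands in for a hardware counter."""

    def __init__(self) -> None:
        self._value = 0

    def read(self) -> int:
        return self._value

    def increment(self) -> int:
        self._value += 1
        return self._value


@dataclass
class MetadataStore:
    """Ordinary storage location: anyone with disk access can snapshot and restore it."""
    blob: bytes = b""
    double_encrypted: bool = False


def seal(key: bytes, record: dict) -> bytes:
    """Integrity-protect the record: JSON body followed by a 32-byte HMAC-SHA256 tag."""
    body = json.dumps(record, sort_keys=True).encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> dict:
    """Verify the tag and return the record; raises if the blob was modified."""
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("integrity check failed")
    return json.loads(body)


def second_level_encrypt(blob: bytes, key: bytes) -> bytes:
    """Constructed stand-in for the 'second level of encryption': XOR with a SHA-256
    counter-mode keystream. A real system would use an AEAD cipher whose key is
    released only through an administrative recovery path."""
    out = bytearray()
    for offset in range(0, len(blob), 32):
        block = hashlib.sha256(key + offset.to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(blob[offset:offset + 32], block))
    return bytes(out)


class LoginPolicy:
    """Lockout logic: the version/counter comparison is the rollback check."""

    def __init__(self, seal_key: bytes, lockout_key: bytes,
                 counter: SecureCounter, store: MetadataStore) -> None:
        self.seal_key, self.lockout_key = seal_key, lockout_key
        self.counter, self.store = counter, store
        self._write({"failed_attempts": 0})

    def _write(self, record: dict) -> None:
        # Every write bumps the secure counter and stamps the new reading as the version.
        record["version"] = self.counter.increment()
        self.store.blob = seal(self.seal_key, record)

    def record_attempt(self, success: bool) -> None:
        record = unseal(self.seal_key, self.store.blob)
        record["failed_attempts"] = 0 if success else record["failed_attempts"] + 1
        self._write(record)

    def lockout_state(self) -> str:
        record = unseal(self.seal_key, self.store.blob)
        if record["version"] != self.counter.read():
            # A restored stale copy: the integrity tag still verifies, but the
            # version lags the counter. Lock and apply the second encryption layer.
            self.store.blob = second_level_encrypt(self.store.blob, self.lockout_key)
            self.store.double_encrypted = True
            return "LOCKED_TAMPERED"
        if record["failed_attempts"] >= MAX_FAILED_ATTEMPTS:
            return "LOCKED_POLICY"
        return "UNLOCKED"


def simulate_rollback_attack() -> tuple:
    """Snapshot the fresh metadata, fail three logins, restore the snapshot."""
    counter, store = SecureCounter(), MetadataStore()
    policy = LoginPolicy(b"seal-key", b"lockout-key", counter, store)
    snapshot = store.blob                      # copy with zero failed attempts
    for _ in range(3):
        policy.record_attempt(success=False)
    store.blob = snapshot                      # stale copy put back in place
    return policy.lockout_state(), store.double_encrypted


def simulate_policy_lockout(failures: int) -> str:
    """No tampering: the ordinary failed-attempt threshold decides the state."""
    counter, store = SecureCounter(), MetadataStore()
    policy = LoginPolicy(b"seal-key", b"lockout-key", counter, store)
    for _ in range(failures):
        policy.record_attempt(success=False)
    return policy.lockout_state()


if __name__ == "__main__":
    print(simulate_rollback_attack())      # ('LOCKED_TAMPERED', True)
    print(simulate_policy_lockout(2))      # UNLOCKED
    print(simulate_policy_lockout(5))      # LOCKED_POLICY
```

The point the example makes is that integrity protection alone does not catch the restore: the stale blob still carries a valid tag, so only the comparison against a counter the attacker cannot rewind exposes it. Note the window between `counter.increment()` and the store write in `_write`: a crash there leaves the version behind the counter and would be reported as tampering, which is the conservative failure mode a real driver must handle through its recovery path.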