METHOD AND APPARATUS FOR CAMOUFLAGING OF DATA, INFORMATION AND FUNCTIONAL TRANSFORMATIONS
First Claim
1. A method for operating an access control system to camouflage a secret so as to be accessible by an authorized user yet protected against unauthorized access, said method comprising the steps of:
(a) representing in digital form a secret to be protected against unauthorized access;
(b) storing a plurality of computer-represented objects related to said secret;
(i) at least one of said objects being accessible by an authorized user as a password;
(ii) at least another of said objects being stored in a computer-readable wallet accessible to said access control system; and
(c) representing said secret as a function of said plurality of objects, using a composition function; and
(d) storing, in a computer-readable memory, said composition function;
(i) in a manner accessible to said access control system;
(ii) so as to be executable to generate a candidate secret using a user-inputted candidate password in conjunction with at least said another object stored in said wallet;
(iii) said generated candidate secret not regenerating said secret if said candidate password is not said password; and
(iv) said generated candidate secret regenerating said secret if said candidate password is said password;
thereby protecting said secret against unauthorized access by persons not having said password.
Abstract
A computer-representable object (including, without limitation, a cryptographic key, or a graph or a Boolean description of a system) is secured using a generalized camouflaging technique. The secured object need not be stored in the system, not even in encrypted form. Instead, the technique employs a composition function that regenerates the secured object when one inputs a valid password (which may be any computer-representable information held by a user). By regenerating the secured object each time a valid password is entered, there is no need to store the secured object. If one inputs an invalid password, the technique may generate an incorrect object, such that the user is unable to distinguish this incorrect object from the secured object. If the user tries to use the incorrect object, the user can be exposed as unauthorized, without the user's knowledge that he has been exposed.
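A minimal sketch of the scheme the abstract describes, added here as an illustration and not taken from the patent. It assumes the composition function is an XOR with a PBKDF2-derived mask and that the secret is a random 32-byte key; `camouflage`, `compose`, `Verifier` and `use_key` are hypothetical names.

```python
import hashlib
import hmac
import os

KEY_LEN = 32  # the secret here is a random 32-byte key (constructed sample)

def _mask(password: str, salt: bytes) -> bytes:
    # Password-derived mask; the PBKDF2 parameters are illustrative assumptions.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=KEY_LEN)

def camouflage(secret: bytes, password: str) -> dict:
    """Build the wallet object. No hash or checksum of the secret is kept,
    so the wallet alone cannot confirm a password guess."""
    salt = os.urandom(16)
    blob = bytes(a ^ b for a, b in zip(secret, _mask(password, salt)))
    return {"salt": salt, "blob": blob}

def compose(candidate_password: str, wallet: dict) -> bytes:
    """Composition function: always returns a well-formed candidate secret."""
    mask = _mask(candidate_password, wallet["salt"])
    return bytes(a ^ b for a, b in zip(wallet["blob"], mask))

def use_key(key: bytes, message: bytes) -> bytes:
    """Use a candidate key: here, authenticate a message with HMAC-SHA256."""
    return hmac.new(key, message, hashlib.sha256).digest()

class Verifier:
    """Remote party that knows the real key and flags use of a wrong one."""
    def __init__(self, real_key: bytes):
        self._key = real_key
        self.alerts = 0

    def accept(self, message: bytes, tag: bytes) -> bool:
        ok = hmac.compare_digest(use_key(self._key, message), tag)
        if not ok:
            self.alerts += 1  # detection happens at use, not at the wallet
        return ok

if __name__ == "__main__":
    secret = os.urandom(KEY_LEN)
    wallet = camouflage(secret, "correct horse")
    verifier = Verifier(secret)
    for guess in ("correct horse", "wrong guess"):
        candidate = compose(guess, wallet)
        print(guess, verifier.accept(b"login", use_key(candidate, b"login")))
```

This works as written only when every byte string of the right length is a plausible secret; a secret with recognizable structure would let someone holding the wallet discard wrong candidates offline.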
2 Claims
2-66. (canceled)
Specification