Adding entropy to key generation on a mobile device
First Claim
1. A method comprising:
- generating a prompt via a computing device interface in connection with an authentication request to access a protected resource associated with the computing device;
processing input cryptographic information entered via the computing device interface in response to the prompt against a pre-determined set of cryptographic information, wherein said pre-determined set of cryptographic information comprises (i) two or more input elements and (ii) two or more qualitative and/or quantitative interface manipulation measures associated with the action of entering the two or more input elements via the computing device interface, wherein the two or more qualitative and/or quantitative interface manipulation measures comprise at least (a) pace of input and (b) directionality of the manipulation of the computing device interface, and wherein said processing comprises;
re-ordering the two or more input elements after being entered via the computing device interface by mapping the two or more input elements to a unique user via a mapping table stored locally on the computing device so as to identify a re-ordered version of the two or more input elements to be used in combination with the two or more qualitative and/or quantitative interface manipulation measures for granting access to the protected resource associated with the computing device; and
resolving the authentication request based on said processing, wherein said resolving comprises granting access to the protected resource upon a determination that the input cryptographic information matches (i) the two or more input elements of the pre-determined set of cryptographic information and (ii) the two or more qualitative and/or quantitative interface manipulation measures of the pre-determined set of cryptographic information.
13 Assignments
0 Petitions
Accused Products
Abstract
Methods, apparatus and articles of manufacture for adding entropy to key generation on a mobile device are provided herein. A method includes generating a prompt via a computing device interface in connection with an authentication request to access a protected resource associated with the computing device; processing input cryptographic information entered via the computing device interface in response to the prompt against a pre-determined set of cryptographic information, wherein said pre-determined set of cryptographic information comprises one or more input elements and one or more interface manipulation measures associated with the one or more input elements; and resolving the authentication request based on said processing.
14 Citations
24 Claims
-
1. A method comprising:
-
generating a prompt via a computing device interface in connection with an authentication request to access a protected resource associated with the computing device; processing input cryptographic information entered via the computing device interface in response to the prompt against a pre-determined set of cryptographic information, wherein said pre-determined set of cryptographic information comprises (i) two or more input elements and (ii) two or more qualitative and/or quantitative interface manipulation measures associated with the action of entering the two or more input elements via the computing device interface, wherein the two or more qualitative and/or quantitative interface manipulation measures comprise at least (a) pace of input and (b) directionality of the manipulation of the computing device interface, and wherein said processing comprises; re-ordering the two or more input elements after being entered via the computing device interface by mapping the two or more input elements to a unique user via a mapping table stored locally on the computing device so as to identify a re-ordered version of the two or more input elements to be used in combination with the two or more qualitative and/or quantitative interface manipulation measures for granting access to the protected resource associated with the computing device; and resolving the authentication request based on said processing, wherein said resolving comprises granting access to the protected resource upon a determination that the input cryptographic information matches (i) the two or more input elements of the pre-determined set of cryptographic information and (ii) the two or more qualitative and/or quantitative interface manipulation measures of the pre-determined set of cryptographic information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. An article of manufacture comprising a non-transitory processor-readable storage medium having processor-readable instructions tangibly embodied thereon which, when implemented, cause a processor to:
-
generate a prompt via a computing device interface in connection with an authentication request to access a protected resource associated with the computing device; process input cryptographic information entered via the computing device interface in response to the prompt against a pre-determined set of cryptographic information, wherein said pre-determined set of cryptographic information comprises (i) two or more input elements and (ii) two or more qualitative and/or quantitative interface manipulation measures associated with the action of entering the two or more input elements via the computing device interface, wherein the two or more qualitative and/or quantitative interface manipulation measures comprise at least (a) pace of input and (b) directionality of the manipulation of the computing device interface, and wherein said processing comprises; re-ordering the two or more input elements after being entered via the computing device interface by mapping the two or more input elements to a unique user via a mapping table stored locally on the computing device so as to identify a re-ordered version of the two or more input elements to be used in combination with the two or more qualitative and/or quantitative interface manipulation measures for granting access to the protected resource associated with the computing device; and resolve the authentication request based on said processing, wherein said resolving comprises granting access to the protected resource upon a determination that the input cryptographic information matches (i) the two or more input elements of the pre-determined set of cryptographic information and (ii) the two or more qualitative and/or quantitative interface manipulation measures of the pre-determined set of cryptographic information.
-
-
15. An apparatus comprising:
-
a memory; and at least one processor coupled to the memory and configured to; generate a prompt via a computing device interface in connection with an authentication request to access a protected resource associated with the computing device; process input cryptographic information entered via the computing device interface in response to the prompt against a pre-determined set of cryptographic information, wherein said pre-determined set of cryptographic information comprises (i) two or more input elements and (ii) two or more qualitative and/or quantitative interface manipulation measures associated with the action of entering the two or more input elements via the computing device interface, wherein the two or more qualitative and/or quantitative interface manipulation measures comprise at least (a) pace of input and (b) directionality of the manipulation of the computing device interface, and wherein said processing comprises; re-ordering the two or more input elements after being entered via the computing device interface by mapping the two or more input elements to a unique user via a mapping table stored locally on the computing device so as to identify a re-ordered version of the two or more input elements to be used in combination with the two or more qualitative and/or quantitative interface manipulation measures for granting access to the protected resource associated with the computing device; and resolve the authentication request based on said processing, wherein said resolving comprises granting access to the protected resource upon a determination that the input cryptographic information matches (i) the two or more input elements of the pre-determined set of cryptographic information and (ii) the two or more qualitative and/or quantitative interface manipulation measures of the pre-determined set of cryptographic information.
-
-
16. A method comprising:
-
generating a prompt via a computing device interface in connection with an authentication request to access a protected resource associated with the computing device; processing input cryptographic information entered via the computing device interface in response to the prompt against a pre-determined set of cryptographic information, wherein said pre-determined set of cryptographic information comprises (i) two or more input elements and (ii) two or more qualitative and/or quantitative interface manipulation measures associated with the action of entering the two or more input elements via the computing device interface, wherein the two or more qualitative and/or quantitative interface manipulation measures comprise at least (a) pace of input and (b) directionality of the manipulation of the computing device interface, and wherein said processing comprises; re-ordering the two or more input elements after being entered via the computing device interface by mapping the two or more input elements to a unique user via a mapping table stored locally on the computing device so as to identify a re-ordered version of the two or more input elements to be used in combination with the two or more qualitative and/or quantitative interface manipulation measures for granting access to the protected resource associated with the computing device; learning a pattern associated with manipulation of the computing device interface in connection with the two or more qualitative and/or quantitative interface manipulation measures over multiple iterations of said processing step to establish two or more updated qualitative and/or quantitative interface manipulation measures associated with the action of entering the two or more input elements via the computing device interface; and updating the pre-determined set of cryptographic information based on the two or more updated interface manipulation measures. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
-
Specification