摘要:
Techniques of performing impersonation detection involve using encrypted access request data. Along these lines, an impersonation detection server stores historical access request data only in encrypted form and has no way to decrypt such data. When a new access request is received by a client, the client sends the username associated with the request to the server, which in turns sends the client the encrypted historical access request data. In addition, the server sends the client instructions to perform impersonation detection. The client then carries out the instructions based on the encrypted historical access request data and data contained in the new access request.
摘要:
Systems and methods are provided for authentication by combining a Reverse Turing Test (RTT) with password-based user authentication protocols to provide improved resistance to brute force attacks. In accordance with one embodiment of the invention, a method is provided for user authentication, the method including receiving a username/password pair associated with a user; requesting one or more responses to a first Reverse Turing Test (RTT); and granting access to the user if a valid response to the first RTT is received and the username/password pair is valid.
摘要:
Systems and methods are provided for authentication by combining a Reverse Turing Test (RTT) with password-based user authentication protocols to provide improved resistance to brute force attacks. In accordance with one embodiment of the invention, a method is provided for user authentication, the method including receiving a username/password pair associated with a user; requesting one or more responses to a first Reverse Turing Test (RTT); and granting access to the user if a valid response to the first RTT is received and the username/password pair is valid.
摘要:
Systems and methods are provided for authentication by combining a Reverse Turing Test (RTT) with password-based user authentication protocols to provide improved resistance to brute force attacks. In accordance with one embodiment of the invention, a method is provided for user authentication, the method including receiving a username/password pair associated with a user; requesting one or more responses to a first Reverse Turing Test (RTT); and granting access to the user if a valid response to the first RTT is received and the username/password pair is valid.
摘要:
Systems and methods are provided for authentication by combining a Reverse Turing Test (RTT) with password-based user authentication protocols to provide improved resistance to brute force attacks. In accordance with one embodiment of the invention, a method is provided for user authentication, the method including receiving a username/password pair associated with a user; requesting one or more responses to a first Reverse Turing Test (RTT); and granting access to the user if a valid response to the first RTT is received and the username/password pair is valid.
摘要:
A system and method for confidentially matching information among parties are disclosed. Briefly described, one embodiment is a method comprising receiving from a first party a list of items, determining an encrypted polynomial P(y) from the first party's list of items, communicating the encrypted polynomial P(y) to a second party, receiving from the second party a list of second items, evaluating the encrypted polynomial P(y) at points defined by the second party's list of items, such that an output is determined, determining an encrypted output, the encrypted output corresponding to the output, communicating the encrypted output to the first party, decrypting the received encrypted output and determining an intersection between the first list of items and the second list of items based upon decryption of the received encrypted output.
摘要:
A method for secure accounting and auditing of a communications network operates in an environment in which many servers serve an even larger number of clients (e.g. the web), and are required to meter the interaction between servers and clients (e.g. counting the number of clients that were served by a server). The method (metering process) is very efficient and does not require extensive usage of any new communication channels. The metering is secure against fraud attempts by servers which inflate the number of their clients and against clients that attempt to disrupt the metering process. Several secure and efficient constructions of this method are based on efficient cryptographic techniques, are also very accurate, and preserver the privacy of the clients.
摘要:
A method of establishing a secure channel between a human user and a computer application is described. A secret unique identifier (“PIN”) is shared between a user and an application. When the user makes a request that involves utilizing the PIN for authentication purposes, the application renders a randomly selected identifier. The randomly selected identifier is in a format that is recognizable to a human but is not readily recognizable by an automated agent. The randomly selected identifier is then presented to the human user. The user identifies the relationship between the randomly selected identifier and the PIN. If the user's input reflects the fact that the user knows the PIN, then the user is authenticated.
摘要:
A method for privacy-retaining face identification comprising dividing at least one input face into a first set of patches, providing an assortment of patch profiles for each patch in the first set of patches, each patch profile in the assortment being associated with a unique index thereby to define an assortment of unique indices, for each individual patch in the input face, finding at least one patch profile within the assortment of patch profiles which most resembles the individual patch, thereby to define a first set of indices from among the assortment of unique indices whose corresponding patch profiles most resemble the input face's patches respectively, and using a privacy preserving computation to generate a physical output indicative of a comparison of the input face and at least one target face by comparing first and second functions of the first set of indices and of a second set of indices respectively, the second set of indices corresponding to patch profiles which most resemble a second set of patches into which the target face has been divided.
摘要:
A first version of a database is accessed. The first version includes the identities of items of information included in the database. A second version of the database is generated. The second version includes changed identities created by applying a function to the identities of the first version. In response to a query that seeks to determine whether a particular item is in the first version, the function is applied to the particular item to generate a changed identity for the particular item. Verification information is provided to demonstrate that the changed identity for the particular item was determined using the same function used to create the changed identities in the second version. A determination is made whether or not the particular item is in the second version and hence in the first version of the database, without requiring a release of the identities in the first version.