Methods and apparatus for authenticating a user using multi-server one-time passcode verification
    11.
    Granted invention patent
    Status: In force

    Publication No.: US09118661B1

    Publication date: 2015-08-25

    Application No.: US13404737

    Filing date: 2012-02-24

    IPC classification: H04L29/06

    CPC classification: H04L63/0838 H04L63/0853

    Abstract: Methods and apparatus are provided for authenticating a user using multi-server one-time passcode verification. A user is authenticated by receiving authentication information from the user; and authenticating the user based on the received authentication information using at least two authentication servers, wherein the received authentication information is based on a secret shared between a security token associated with the user and an authentication authority that provides the at least two authentication servers. For example, the authentication information can comprise a passcode comprised of a tokencode from the security token and a password from the user. The user can be authenticated only if, for example, all of the at least two authentication servers authenticate the received authentication information.

    Methods and apparatus for fraud detection and remediation in knowledge-based authentication
    12.
    Granted invention patent
    Status: In force

    Publication No.: US09021553B1

    Publication date: 2015-04-28

    Application No.: US13436125

    Filing date: 2012-03-30

    IPC classification: H04L29/06 G06F21/31

    CPC classification: G06F21/31 G06F2221/2133

    Abstract: Methods and apparatus are provided for fraud detection and remediation in knowledge-based authentication (KBA). A knowledge-based authentication method is performed by a server for restricting access of a user to a restricted resource. The exemplary knowledge-based authentication method comprises challenging the user with one or more questions requiring knowledge by the user; receiving a response from the user to the one or more questions, wherein at least a portion of the response is encoded by the user using an encoding scheme defined between the server and the user to signal a fraudulent access attempt; and granting access to the restricted resource if one or more predefined response criteria are satisfied, wherein the one or more predefined response criteria comprises an assessment of whether the encoded portion of the response satisfies the encoding scheme. A number of exemplary encoding schemes are disclosed.

    Methods and apparatus for secure, stealthy and reliable transmission of alert messages from a security alerting system
    13.
    Granted invention patent
    Status: In force

    Publication No.: US09160539B1

    Publication date: 2015-10-13

    Application No.: US13537981

    Filing date: 2012-06-29

    IPC classification: H04L9/32

    Abstract: Methods and apparatus are provided for secure transmission of alert messages over a message locking channel. An alert message is transmitted from a Security Alerting System indicating a potential compromise of a protected resource by obtaining the alert message from the Security Alerting System; authenticating the alert message using a secret key known by a server, wherein the secret key evolves in a forward-secure manner; storing the authenticated alert message in a buffer; and transmitting the buffer to the server. The alert message is authenticated by digitally signing the alert message or applying a message authentication code and is possibly encrypted using a secret key known by a server, wherein the secret key evolves in a forward-secure manner. The authenticated alert message can be maintained in the buffer after the transmitting step. The buffer optionally has a fixed size and alert messages can be stored in a round-robin manner, for example, from a random position. The buffer can be encrypted prior to transmission to the server.

    Methods and apparatus for silent alarm channels using one-time passcode authentication tokens
    14.
    Granted invention patent
    Status: In force

    Publication No.: US09515989B1

    Publication date: 2016-12-06

    Application No.: US13404788

    Filing date: 2012-02-24

    IPC classification: G06F21/00 H04L29/06

    Abstract: Methods and apparatus are provided for silent alarm channels using one-time passcode authentication tokens. A message is transmitted indicating a potential attack on a protected resource by obtaining the message; combining the message with a tokencode generated by a security token to generate a one-time passcode; and transmitting the one-time passcode to a receiver. A plurality of the messages can be obtained in parallel, and the plurality of parallel messages can be combined with the tokencode to generate the one-time passcode. A subsequent message can optionally be generated by applying a hash function to a prior n-bit value to provide a counter identifying each message. The message optionally also comprises one or more additional bits to provide an annotation of the message.

    Method and apparatus for generating forward secure pseudorandom numbers
    15.
    Granted invention patent
    Status: In force

    Publication No.: US09008303B1

    Publication date: 2015-04-14

    Application No.: US13334709

    Filing date: 2011-12-22

    IPC classification: H04L9/00 H04L9/08 G06F7/58

    Abstract: Methods and apparatus are provided for generation of forward secure pseudorandom numbers. A forward secure pseudorandom number is generated by obtaining a first state s_i corresponding to a current leaf node v_i in a hierarchical tree, wherein the current leaf v_i produces a first pseudorandom number r_{i−t} and wherein the hierarchical tree comprises at least one chain comprised of a plurality of nodes on a given level of the hierarchical tree; updating the first state s_i to a second state s_{i+t} corresponding to a second leaf node v_{i+t}; and computing a second pseudorandom number r_{i+t−1} corresponding to the second leaf node v_{i+t}. The variable t may be an integer greater than one. Updating the state does not require generation of all pseudorandom numbers produced by leaf nodes between the current leaf node v_i and the second leaf node v_{i+t}.

    Methods and apparatus for secure and reliable transmission of messages over a silent alarm channel
    16.
    Granted invention patent
    Status: In force

    Publication No.: US08788817B1

    Publication date: 2014-07-22

    Application No.: US13249957

    Filing date: 2011-09-30

    IPC classification: H04L29/06

    Abstract: Methods and apparatus are provided for secure and reliable transmission of messages over a silent alarm channel. A plurality of messages are transmitted by obtaining the plurality of messages; and transmitting the plurality of messages on a forward-secure channel to a receiver, wherein the forward-secure channel comprises a buffer having a plurality of entries, wherein each of the entries stores one of the messages and wherein at least one of the plurality of messages is maintained in the forward-secure channel after a receiver reads the channel. Two levels of encryption are optionally performed on the forward-secure channel. The messages carried by the disclosed silent alarm channels can comprise, for example, (i) entries in a security log; (ii) one-time passwords derived by authentication tokens; or (iii) tampering notifications from one or more sensor devices.

    System and method for optimal verification of operations on dynamic sets
    17.
    Granted invention patent
    Status: In force

    Publication No.: US08572385B2

    Publication date: 2013-10-29

    Application No.: US13194702

    Filing date: 2011-07-29

    IPC classification: H04L9/32

    Abstract: A system and method for cryptographically checking the correctness of outsourced set operations performed by an untrusted server over a dynamic collection of sets that are owned (and updated) by a trusted source is disclosed. The system and method provides new authentication mechanisms that allow any entity to publicly verify a proof attesting the correctness of primitive set operations such as intersection, union, subset and set difference. Based on a novel extension of the security properties of bilinear-map accumulators as well as on a primitive called accumulation tree, the system and method achieves optimal verification and proof complexity, as well as optimal update complexity, while incurring no extra asymptotic space overhead. The method provides an efficient proof construction, adding a logarithmic overhead to the computation of the answer of a set-operation query. Applications of interest include efficient verification of keyword search and database queries.

    Efficient content authentication in peer-to-peer networks
    18.
    Granted invention patent
    Status: In force

    Publication No.: US07974221B2

    Publication date: 2011-07-05

    Application No.: US12223224

    Filing date: 2007-01-24

    IPC classification: H04L12/28

    Abstract: In one exemplary embodiment, a method includes: providing an abstract tree structure having a root node, tree nodes, and leaf nodes, each leaf node corresponds to a portion of data; mapping first network nodes of a distributed network to the tree nodes; mapping second network nodes to the leaf nodes; assigning unique identifiers to the root node, tree nodes, and leaf nodes; storing, at each first network node, the unique identifier of the corresponding tree node, the unique identifier of a parent, and the unique identifiers of children; storing, at each second network node, the portion of data and path information; providing a distributed hash tree wherein the DHT includes a hash value for each node of the ATS; signing the top hash value for the root node; and storing, at each second network node, the corresponding hash value of the tree node and the hash values of children.

    Efficient Content Authentication In Peer-To-Peer Networks
    19.
    Invention patent application
    Status: In force

    Publication No.: US20100110935A1

    Publication date: 2010-05-06

    Application No.: US12223224

    Filing date: 2007-01-24

    IPC classification: H04L12/28 G06F17/30

    Abstract: A method and distributed network are provided. The method includes: providing an abstract tree structure having a root node, a plurality of tree nodes, and a plurality of leaf nodes, wherein each leaf node corresponds to at least a portion of data (box 601); mapping, in accordance with a first mapping function, a plurality of first network nodes of a distributed network to the plurality of tree nodes of the abstract tree structure (box 602); mapping, in accordance with a second mapping function, a plurality of second network nodes of the distributed network to the plurality of leaf nodes of the abstract tree structure (box 603); assigning a unique identifier to the root node, each tree node, and each leaf node (box 604); storing, at each first network node, the unique identifier of the corresponding tree node, the unique identifier of a parent of that tree node, and the unique identifiers of children of that tree node (box 605); storing, at each second network node, the corresponding at least a portion of data and path information having a path of nodes from the corresponding leaf node to the root node (box 606); providing a distributed hash tree corresponding to the abstract tree structure, wherein the distributed hash tree includes a corresponding hash value for each node of the abstract tree structure, wherein the corresponding hash value for the root node is a top hash value (box 607); signing the top hash value of the distributed hash tree (box 608); and storing, at each second network node, the corresponding hash value of the corresponding tree node and the corresponding hash values of children of that tree node (box 609).

    SYSTEM AND METHOD FOR OPTIMAL VERIFICATION OF OPERATIONS ON DYNAMIC SETS
    20.
    Invention patent application
    Status: In force

    Publication No.: US20120030468A1

    Publication date: 2012-02-02

    Application No.: US13194702

    Filing date: 2011-07-29

    IPC classification: H04L9/32

    Abstract: A system and method for cryptographically checking the correctness of outsourced set operations performed by an untrusted server over a dynamic collection of sets that are owned (and updated) by a trusted source is disclosed. The system and method provides new authentication mechanisms that allow any entity to publicly verify a proof attesting the correctness of primitive set operations such as intersection, union, subset and set difference. Based on a novel extension of the security properties of bilinear-map accumulators as well as on a primitive called accumulation tree, the system and method achieves optimal verification and proof complexity, as well as optimal update complexity, while incurring no extra asymptotic space overhead. The method provides an efficient proof construction, adding a logarithmic overhead to the computation of the answer of a set-operation query. Applications of interest include efficient verification of keyword search and database queries.
