公开(公告)号：US20120072714A1

公开(公告)日：2012-03-22

申请号：US13296347

申请日：2011-11-15

申请人： Michael Grandcolas ,  Marc Guzman ,  Thomas Yee ,  Dilip Parekh ,  Yonggiang Chen

发明人： Michael Grandcolas ,  Marc Guzman ,  Thomas Yee ,  Dilip Parekh ,  Yonggiang Chen

IPC分类号： H04L9/32

CPC分类号： H04L9/3226 ,  H04L9/0825 ,  H04L63/045 ,  H04L63/0853 ,  H04L2209/56

摘要： A method and system for securely logging onto a banking system authentication server so that a user credential never appears in the clear during interaction with the system in which a user's credential is DES encrypted, and the DES key is PKI encrypted with the public key of an application server by an encryption applet before being transmitted to the application server. Within the HSM of the application server, the HSM decrypts and re-encrypts the credential under a new DES key known to the authentication server, the re-encrypted credential is forwarded to the authentication server, decrypted with the new DES key known to the authentication server, and verified by the authentication server.

摘要翻译： 一种用于安全地登录到银行系统认证服务器的方法和系统，使得用户凭证在与用户凭证被DES加密的系统交互期间不会出现清楚，并且DES密钥是用公钥的PKI加密的 应用服务器由加密小程序发送到应用服务器之前。 在应用服务器的HSM内，HSM在认证服务器已知的新DES密钥下解密并重新加密证书，将重新加密的证书转发给认证服务器，并用认证已知的新DES密钥进行解密 服务器，并由验证服务器验证。

公开(公告)号：US08302172B2

公开(公告)日：2012-10-30

申请号：US13296347

申请日：2011-11-15

申请人： Michael Grandcolas ,  Marc Guzman ,  Thomas Yee ,  Dilip Parekh ,  Yonggiang Chen

发明人： Michael Grandcolas ,  Marc Guzman ,  Thomas Yee ,  Dilip Parekh ,  Yonggiang Chen

IPC分类号： G06F7/04

CPC分类号： H04L9/3226 ,  H04L9/0825 ,  H04L63/045 ,  H04L63/0853 ,  H04L2209/56

摘要： A method and system for securely logging onto a banking system authentication server so that a user credential never appears in the clear during interaction with the system in which a user's credential is DES encrypted, and the DES key is PKI encrypted with the public key of an application server by an encryption applet before being transmitted to the application server. Within the HSM of the application server, the HSM decrypts and re-encrypts the credential under a new DES key known to the authentication server, the re-encrypted credential is forwarded to the authentication server, decrypted with the new DES key known to the authentication server, and verified by the authentication server.

摘要翻译： 一种用于安全地登录到银行系统认证服务器的方法和系统，使得用户凭证在与用户凭证被DES加密的系统交互期间不会出现清楚，并且DES密钥是用公钥的PKI加密的 应用服务器由加密小程序发送到应用服务器之前。 在应用服务器的HSM内，HSM在认证服务器已知的新DES密钥下解密并重新加密证书，将重新加密的证书转发给认证服务器，并用认证已知的新DES密钥进行解密 服务器，并由验证服务器验证。