AUTHENTICATION OF USER COMPUTERS
    1.
    Invention patent application
    Legal status: Active

    Publication number: US20170055154A1

    Publication date: 2017-02-23

    Application number: US15345929

    Filing date: 2016-11-08

    IPC classification: H04W12/06 H04L29/06

    Abstract: An approach for authenticating a user computer, connectable to a mobile network includes a computing device retrieving an attribute credential, the attribute credential certifying a set of user attributes, a device identifier for identifying the user computer to the mobile network, a location credential, the location credential certifying a device identifier and location data indicating a location of the user computer determined by the mobile network. The approach includes a computer producing an authentication token comprising the attribute credential, the location credential, the location data and a proof for proving that the device identifier in the attribute credential equals the device identifier in the location credential. The approach includes a computer producing a blinded attribute credential by randomized blinding of the attribute credential, wherein the authentication token includes the blinded attribute credential and the proof verifies possession by the user computer of the attribute credential in the blinded attribute credential.


    Revocable PKI signatures
    2.
    Granted invention patent

    Publication number: US10447467B2

    Publication date: 2019-10-15

    Application number: US15146707

    Filing date: 2016-05-04

    IPC classification: H04L9/32 H04L9/00 H04L29/06

    Abstract: In a computer-implemented method for signing a message by a user device of a public key infrastructure (PKI) system, the message and a user public key are sent to at least one attestation server and a server signature on the message is received from the attestation server. The server signature attests the validity of the user public key and is bound to the user public key and the message. The message and the server signature are signed with a user private key, thereby providing a user signature on the message. An attestation server and a related computer program product are also provided.

    System and method for generating a server-assisted strong password from a weak secret
    3.
    Granted invention patent
    Legal status: Active

    Publication number: US09565020B1

    Publication date: 2017-02-07

    Application number: US15013119

    Filing date: 2016-02-02

    Abstract: Disclosed herein is a method for generating a high entropy password using a low entropy password and low-entropy login data comprising supplying the low entropy password to a system comprising a generating client and/or a recovery client; and at least n servers; submitting request data derived, at least in part, from the user's low entropy password, where the request data includes authentication data; engaging in a distributed protocol with at least t servers to generate high-entropy values based on stored cryptographic information and a set of authentication information stored on the at least n servers which is checked against the authentication data provided by the user and/or the generating client and/or a recovery client; and generating the high entropy password.


    ANONYMOUSLY SHARING RESOURCES BASED ON SOCIAL NETWORK USER DATA
    4.
    Invention patent application
    Legal status: Under examination (published)

    Publication number: US20160269416A1

    Publication date: 2016-09-15

    Application number: US15033128

    Filing date: 2014-10-31

    IPC classification: H04L29/06

    Abstract: A method for controlling access to a resource of an owner of the resource is provided. The owner can be a user of a resource computer system. The access control can be based on social network data of a social network system and/or on an owner token relating to the owner or, a requester token relating to a requester requesting access to the resource and an access control policy. The owner token and the requester token can be received by the system to determine by the social networking system whether access to the resource is to be granted based on the content of the owner token and the requester token. A social network identity of the owner and a social network identity of the requester may only be determinable by the social network system.


    Authentication of user computers
    7.
    Granted invention patent
    Legal status: Active

    Publication number: US09578505B2

    Publication date: 2017-02-21

    Application number: US14692441

    Filing date: 2015-04-21

    IPC classification: H04L29/06 H04W12/06

    Abstract: In an approach for authenticating a user computer, connectable to a mobile network, a computer retrieves an attribute credential, the attribute credential certifying a set of user attributes and a device identifier for identifying the user computer to the mobile network. The computer requests a location credential, the location credential certifying a device identifier and location data indicating a current location of the user computer determined by the mobile network. Additionally, the computer produces an authentication token comprising the attribute credential, the location credential, the location data, and a proof for proving that the device identifier in the attribute credential equals the device identifier in the location credential. Furthermore, the computer sends the authentication token for authentication.


    System and method for generating a server-assisted strong password from a weak secret

    Publication number: US10211981B2

    Publication date: 2019-02-19

    Application number: US15814700

    Filing date: 2017-11-16

    IPC classification: H04L9/08 H04L29/06 H04L9/32

    Abstract: Disclosed herein is a method for generating a high entropy password using a low entropy password and low-entropy login data comprising supplying the low entropy password to a system comprising a generating client and/or a recovery client; and at least n servers; submitting request data derived, at least in part, from the user's low entropy password, where the request data includes authentication data; engaging in a distributed protocol with at least t servers to generate high-entropy values based on stored cryptographic information and a set of authentication information stored on the at least n servers which is checked against the authentication data provided by the user and/or the generating client and/or a recovery client; and generating the high entropy password.