公开(公告)号：US20200372149A1

公开(公告)日：2020-11-26

申请号：US16880525

申请日：2020-05-21

Applicant: Qatar Foundation for Education, Science and Community Development

Inventor： Roberto Di Pietro ,  Simone Raponi

IPC: G06F21/45 ,  G06F21/60 ,  H04L9/08

Abstract: The present disclosure provides a new and innovative system, method, and non-transitory computer-readable medium for securely recovering access to an online service account. Secret splitting is utilized to require multiple recovery mechanisms in order to recover access to an online service account, thus decreasing the likelihood that a malicious attacker will compromise all of the recovery mechanisms to gain access to the online service account. The secret is split into a quantity of tokens via a secret sharing function that can reconstruct the secret with a predetermined threshold quantity of the tokens. The level of security provided by the system is flexible by adjusting the quantity of recovery mechanisms and the predetermined threshold quantity of tokens required to reconstruct the secret.

公开(公告)号：US11641363B2

公开(公告)日：2023-05-02

申请号：US16657088

申请日：2019-10-18

Applicant: Qatar Foundation for Education, Science and Community Development

Inventor： Roberto Di Pietro ,  Savio Sciancalepore ,  Simone Raponi

IPC: H04L9/40 ,  H04L9/30 ,  H04L9/32

Abstract: Disclosed herein are methods and systems that can be used by an end-user to verify both the identity of a remote service (4) and the authenticity of a response provided by the remote service (4), even if the first authentication arrangement (2) used to interact with the remote service (4) is compromised. The end-user requests the remote service (4) to provide evidence of its identity, in the form of potentially different authentication materials. The authentication materials are then verified independently on each additional authentication arrangements (6, 7) and used to determine the authenticity of the response from the remote service (4).

公开(公告)号：US11182470B2

公开(公告)日：2021-11-23

申请号：US16880525

申请日：2020-05-21

Applicant: Qatar Foundation for Education, Science and Community Development

Inventor： Roberto Di Pietro ,  Simone Raponi

IPC: G06F21/00 ,  G06F21/45 ,  G06F21/60 ,  H04L9/08

Abstract: The present disclosure provides a new and innovative system, method, and non-transitory computer-readable medium for securely recovering access to an online service account. Secret splitting is utilized to require multiple recovery mechanisms in order to recover access to an online service account, thus decreasing the likelihood that a malicious attacker will compromise all of the recovery mechanisms to gain access to the online service account. The secret is split into a quantity of tokens via a secret sharing function that can reconstruct the secret with a predetermined threshold quantity of the tokens. The level of security provided by the system is flexible by adjusting the quantity of recovery mechanisms and the predetermined threshold quantity of tokens required to reconstruct the secret.

公开(公告)号：US20200228541A1

公开(公告)日：2020-07-16

申请号：US16657088

申请日：2019-10-18

Applicant: Qatar Foundation for Education, Science and Community Development

Inventor： Roberto Di Pietro ,  Savio Sciancalepore ,  Simone Raponi

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/30

Abstract: Disclosed herein are methods and systems that can be used by an end-user to verify both the identity of a remote service (4) and the authenticity of a response provided by the remote service (4), even if the first authentication arrangement (2) used to interact with the remote service (4) is compromised. The end-user requests the remote service (4) to provide evidence of its identity, in the form of potentially different authentication materials. The authentication materials are then verified independently on each additional authentication arrangements (6, 7) and used to determine the authenticity of the response from the remote service (4).