SYSTEM AND METHOD FOR CRYPTOGRAPHIC KEY EXCHANGE USING MATRICES
    1.
    Type: Invention patent application
    Status: In force

    Publication number: US20120166809A1

    Publication date: 2012-06-28

    Application number: US12980218

    Filing date: 2010-12-28

    IPC classification: H04L9/32

    CPC classification: H04L9/0844

    Abstract: Two parties can establish a cryptographic key using a matrix based key exchange protocol, for secure communications without any prior distribution of secret keys or other secret data, and without revealing said key to any third party who may have access to all of the transmissions between them. A common matrix M, shared in advance, is multiplied by a random matrix K on the sending side, and a different random matrix N on the receiving side. The matrix product KM is sent from the sending side to the receiving side, and the matrix product MN is sent from the receiving side to the sending side. Both sides produce the common matrix product KMN, and use it for producing a symmetric key for encrypted communications.

    Back-end matching method supporting front-end knowledge-based probabilistic authentication systems for enhanced credential security
    2.
    Type: Granted invention patent
    Status: In force

    Publication number: US09215072B1

    Publication date: 2015-12-15

    Application number: US13658815

    Filing date: 2012-10-23

    IPC classification: H04L9/00 H04L9/32 H04L29/06

    Abstract: A party can authenticate itself by interacting with multiple servers without revealing the shared secret to any of the involved parties. The stored shared secret is strengthened and broken into shares and saved on the servers. The shared secret is safe against offline brute force attack unless all servers where the shares are stored are compromised. The compromise of any single server, or multiple servers—but less than the maximum number—will not allow the attacker to do a brute force analysis on the shared secret. This back end security enhancement is suitable for probabilistic front end authentication algorithms.

    System and method for mutually authenticated cryptographic key exchange using matrices
    3.
    Type: Granted invention patent
    Status: In force

    Publication number: US08656484B2

    Publication date: 2014-02-18

    Application number: US12980024

    Filing date: 2010-12-28

    CPC classification: H04L9/0844

    Abstract: Two parties can establish a cryptographic key using a matrix based key exchange protocol, for secure communications without any prior distribution of secret keys or other secret data, and without revealing said key to any third party who may have access to all of the transmissions between them. The two parties use a shared secret to produce a common matrix M. The common matrix M is multiplied by a random matrix K on the sending side, and a different random matrix N on the receiving side. The matrix product KM is sent from the sending side to the receiving side, and the matrix product MN is sent from the receiving side to the sending side. Both sides produce the common matrix product KMN, and use it for producing a symmetric key for encrypted communications, after mutually authenticating one another over an insecure network.

    AUTHENTICATION METHOD OF ENUMERATED PATTERN OF FIELD POSITIONS BASED CHALLENGE AND ENUMERATED PATTERN OF FIELD POSITIONS BASED RESPONSE THROUGH INTERACTION BETWEEN TWO CREDENTIALS IN RANDOM PARTIAL DIGITIZED PATH RECOGNITION SYSTEM
    4.
    Type: Invention patent application
    Status: In force

    Publication number: US20140115679A1

    Publication date: 2014-04-24

    Application number: US13658812

    Filing date: 2012-10-23

    IPC classification: H04L9/32

    Abstract: An interactive method for authentication is based on two shared secrets, both shared secrets in the form of an ordered path on the frame of reference. An instance of the frame of reference comprises a set of characters which is arranged in a random or other irregular pattern. The first step of authentication that a user performs requires the user to remember one or all of the characters in the displayed instance of the frame of reference found in the locations in the random subset of the first ordered path by indicating characters either in these locations, or any other locations having the same characters. The second step of authentication requires that a user enter the position of the second ordered path, which only they know during an authentication session, where the challenge identifying the position of the ordered path is the single or multiple values that matches the value of the digital content of the frame of reference.

    System and method for cryptographic key exchange using matrices
    5.
    Type: Granted invention patent
    Status: In force

    Publication number: US08621227B2

    Publication date: 2013-12-31

    Application number: US12980218

    Filing date: 2010-12-28

    IPC classification: H04L9/32 H04K1/00 H04L9/00

    CPC classification: H04L9/0844

    Abstract: Two parties can establish a cryptographic key using a matrix based key exchange protocol, for secure communications without any prior distribution of secret keys or other secret data, and without revealing said key to any third party who may have access to all of the transmissions between them. A common matrix M, shared in advance, is multiplied by a random matrix K on the sending side, and a different random matrix N on the receiving side. The matrix product KM is sent from the sending side to the receiving side, and the matrix product MN is sent from the receiving side to the sending side. Both sides produce the common matrix product KMN, and use it for producing a symmetric key for encrypted communications.

    SYSTEM AND METHOD FOR MUTUALLY AUTHENTICATED CRYPTOGRAPHIC KEY EXCHANGE USING MATRICES
    6.
    Type: Invention patent application
    Status: In force

    Publication number: US20120166791A1

    Publication date: 2012-06-28

    Application number: US12980024

    Filing date: 2010-12-28

    IPC classification: H04L9/00

    CPC classification: H04L9/0844

    Abstract: Two parties can establish a cryptographic key using a matrix based key exchange protocol, for secure communications without any prior distribution of secret keys or other secret data, and without revealing said key to any third party who may have access to all of the transmissions between them. The two parties use a shared secret to produce a common matrix M. The common matrix M is multiplied by a random matrix K on the sending side, and a different random matrix N on the receiving side. The matrix product KM is sent from the sending side to the receiving side, and the matrix product MN is sent from the receiving side to the sending side. Both sides produce the common matrix product KMN, and use it for producing a symmetric key for encrypted communications, after mutually authenticating one another over an insecure network.

    System and method for in- and out-of-band multi-factor server-to-user authentication
    7.
    Type: Granted invention patent
    Status: In force

    Publication number: US08627088B2

    Publication date: 2014-01-07

    Application number: US12703685

    Filing date: 2010-02-10

    Applicant: Len L. Mizrah

    Inventor: Len L. Mizrah

    IPC classification: H04K1/00

    Abstract: A method to authenticate a server to a client is provided, including in-band and out-of-band techniques. At least a first shared secret identifies a server path, including a plurality of pre-defined locations on a frame of reference (e.g. a grid). An authentication session is initiated upon receiving a client identifier at the server-side resources. A current session instance of the grid is presented to the client, populated with characters. The process includes sharing between the client and the server a challenge identifying a random subset of the plurality of predefined locations in the server path, and a response including characters that match the characters in the locations on the server path identified by the challenge. As a result, client is capable of verifying that the server has access to the first shared secret. Then a protocol is executed to authenticate the client to the server.

    Key generation method for communication session encryption and authentication system
    8.
    Type: Granted invention patent
    Status: In force

    Publication number: US07581100B2

    Publication date: 2009-08-25

    Application number: US10653503

    Filing date: 2003-09-02

    Applicant: Len L. Mizrah

    Inventor: Len L. Mizrah

    IPC classification: H04L9/32

    Abstract: An interactive mutual authentication protocol, which does not allow shared secrets to pass through untrusted communication media, integrates an encryption key management system into the authentication protocol. The server provides ephemeral encryption keys in response to a request during a Session Random Key (SRK) initiation interval. SRK is provided for all sessions initiated in the SRK initiation interval. A set of ephemeral intermediate Data Random Keys (DRK) is associated with each request. A message carrying the SRK is sent to the requestor. A response from the requester includes a shared parameter encrypted using the SRK verifying receipt of the SRK. After verifying receipt of the SRK at the requester, at least one message is sent by the server carrying an encrypted version of one of said set of ephemeral intermediate DRK to be accepted as an encryption key for the session.

    Authentication method of random partial digitized path recognition with a challenge built into the path
    9.
    Type: Granted invention patent
    Status: In force

    Publication number: US07849321B2

    Publication date: 2010-12-07

    Application number: US11466697

    Filing date: 2006-08-23

    Applicant: Len L. Mizrah

    Inventor: Len L. Mizrah

    IPC classification: G06F21/00

    CPC classification: G06F21/83 G06F21/36

    Abstract: An interactive method for authentication is based on two shared secrets, including a first shared secret in the form of an ordered path on the frame of reference, and a second shared secret in the form of locations on the frame of reference at which characters identifying a subset of the ordered path are to be displayed. An instance of the frame of reference comprises a set of characters which is arranged in a random or other irregular pattern. Authentication requires that a user enter the characters in the displayed instance of the frame of reference found in the locations in the random subset of the ordered path by indicating characters either in these locations, or any other locations having the same characters. Thus, a secret challenge identifying the random partial subset is embedded within the displayed instance of the graphical representation of the frame of reference.

    Communication session encryption and authentication system
    10.
    Type: Granted invention patent
    Status: In force

    Publication number: US07506161B2

    Publication date: 2009-03-17

    Application number: US10653506

    Filing date: 2003-09-02

    Applicant: Len L. Mizrah

    Inventor: Len L. Mizrah

    IPC classification: H04L9/00

    CPC classification: H04L9/0844 H04L9/3273

    Abstract: An interactive mutual authentication protocol, which does not allow shared secrets to pass through untrusted communication media, integrates an encryption key management system into the authentication protocol, so that key management becomes an essential part of the authentication protocol itself. The system provides a secure distribution of a secret session random key used in symmetric cryptography. Successful exchange of this encryption key allows for secure transit of the protocol data over communication lines in encrypted form, permitting explicit mutual authentication of the connected parties. The post-authentication stage of the communication session can use secure encryption for the data exchange, since each party has already obtained the secret session random key.
