Cryptography – Key management – Having particular key generator
Patent
1996-08-27
1998-05-12
Cain, David C.
Cryptography
Key management
Having particular key generator
380 25, 380 28, 380 21, H04K 100
Patent
active
057518122
ABSTRACT:
Methods and apparatus are disclosed for re-initializing a secure password series based on an iterated hash function. User login information is communicated over an insecure network connection or other transmission medium between a client and a server. The server provides an indication that a first login series based on a first password has reached a predetermined minimum number of remaining hash function iterations. This indication could also be generated by the client. In either case, the client responds to the indication by generating an initialization signal which relates the first login series based on the first password to a second login series based on a second password. The initialization signal may be generated as the exclusive-or of the results of applying a first number of hash function iterations to the first password and a second number of hash function iterations to the second password. The client transmits the initialization signal to the server, which stores it along with an encrypted password transmitted in a previous valid first series login by the same user. The server then compares a function of the stored initialization signal and an initial second series login to the previously-stored first series login to determine if the initial second series login is valid. The second password may be generated by the client using a pass phrase portion of the first password and a new seed portion which does not require additional user input. The password re-initialization process can thus be performed automatically without any need to notify the user.
REFERENCES:
patent: 4926479 (1990-05-01), Goldwasser et al.
patent: 5454039 (1995-09-01), Coppersmith et al.
patent: 5600776 (1997-02-01), Johnson et al.
Bell Communications Research Inc.
Cain David C.
Giordano Joseph
Yeadon Loria B.
LandOfFree
Re-initialization of an iterated hash function secure password s does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Re-initialization of an iterated hash function secure password s, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Re-initialization of an iterated hash function secure password s will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-991223