Information security – Access control or authentication – Stand-alone
Reexamination Certificate
2005-11-02
2010-06-15
Arani, Taghi T (Department: 2438)
Information security
Access control or authentication
Stand-alone
C463S029000, C705S044000, C713S168000, C713S183000, C713S186000, C380S002000
Reexamination Certificate
active
07739733
ABSTRACT:
Methods and systems for storing secret information in a digital vault include obtaining from a user answers to a number of different questions, and identifying which subsets or combinations of the questions for which correct answers later provided by an entity will enable that entity to gain access to the secret information in the vault. The number of questions in each combination is less than the total number of questions, and at least one subset has at least two questions. For each subset, a corresponding string of answers is generated, the string is hashed, and the resulting hash value is combined with the digital secret. This hides the digital secret, which is then stored in the vault. Methods and systems for registering authentication material include storing a hashed string of answers for each combination, generating “multiple authenticators.”
REFERENCES:
patent: 6317834 (2001-11-01), Gennaro et al.
patent: 6804786 (2004-10-01), Chamley et al.
patent: 7051209 (2006-05-01), Brickell
patent: 2003/0105959 (2003-06-01), Matyas et al.
patent: 2005/0031120 (2005-02-01), Samid
Carl Ellison; Chris Hall; Randy Milbert; Bruce Schneier | Protecting secret keys with personal entropy (http://www.schneier.com/paper-personal-entropy.pdf)| Oct. 28, 1999 | v. 16, 2000| pp. 311-318.
Bleichenbach, D. et al., “Noisy Polynomial Interpolation and Noisy Chinese Remaindering”,In B. Preneel, editor Advances in Cryptology, Eurocrypt'00. Springer Verlag, pp. 53-69, 2000 LNCS No. 1807.
Ford, W. et al., “Server Assisted Generation of a Strong Secret from a Password”, In Proceedings of the IEEE 9th Internatinal Workshop on Enabliing Technologies, Gaithersburg, MD, Jun. 2000, NIST.
Frykholm, N. et al., “Error-Tolerant Password Recovery”,ACM Conference on Computer and Communications Security, pp. 1-9, 2001.
Juels, A. et al., “A Fuzzy Vault Scheme”,ISIT 2002, Lausanne, Switzerland, one page, Jun. 30-Jul. 5, 2002.
RSA PKCS #5: Password-based Crytptography Standard, pp. 1-30, Mar. 25, 1999.
Juels, A. et al. A Fuzzy Commitment Scheme. In 5th ACM Conference on Computer Communications Security, pp. 28036 Singapore Nov. 1999 ACM Press.
Arani Taghi T
BainwoodHuang
EMC Corporation
Rahman Mahfuzur
LandOfFree
Storing digital secrets in a vault does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Storing digital secrets in a vault, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Storing digital secrets in a vault will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4245010