Patent
Method and apparatus for secure password transmission and password changes
Mohammad Peyravian,Nevenko Zunic +1 more
TLDR
A secure method for changing a password to a new password when the passwords are being transmitted over a network is presented in this article, which does not require the use of any additional public/private key pairs to protect the password exchanges.Abstract:
A secure method for changing a password to a new password when the passwords are being transmitted over a network is presented. The present invention does not require the use of any additional keys (such as symmetric keys or public/private key pairs) to protect the password exchanges. Moreover, the present solution does not require the use of any encryption algorithms (such as DES, RC4/RC5, etc.), it only requires the use of a collision-resistant hash function.read more
Citations
More filters
Patent
System and method providing disconnected authentication
Andrew Nanopoulos,Karl Ackerman,Piers Bowness,William Duane,Markus Jakobsson,Burton S. Kaliski,Dmitri Pal,Shane D. Rice +7 more
TL;DR: In this article, the verification records corresponding to given authentication token outputs over a predetermined period of time, sequence of events, and/or set of challenges are downloaded to a verifier.
Patent
Password encryption key
TL;DR: A password-encrypted key (PEK) is generated from a user-supplied password or other identifyting data and then used to encrypt the user's password as mentioned in this paper, which is stored in a user record on a server.
Patent
Methods and systems for remote password reset using an authentication credential managed by a third party
TL;DR: In this article, an authentication credential is managed by a third party agent that supplies a query and the authentication credential as a correct response to the query to the security server, and a new password is updated with the new password based on a successful result of the mutual authentication.
Patent
Two-way authentication using a combined code
TL;DR: In this article, an authentication process using a combined code as a shared secret between a client and a target service is provided, where the combined code is provided out ofband and includes data to perform two-way authentication for both the client and the target service.
Patent
Efficient method for providing secure remote access
TL;DR: In this article, a challenge token is generated and exchanged which is a one-time value that includes a random value that changes from session to session, without revealing any information about a secret password or a digest of the password itself.
References
More filters
Patent
Method and apparatus for cryptographic authentication
TL;DR: In this paper, a method for providing user authentication and a memory for storing a computer program for user authentication is described, and the method includes the steps of providing a first argument including a one-way cryptographic transformation of a password and a second argument including an additional cryptographic combination of the password and the first nonce, and comparing the second term with the first argument.
Patent
Method for changing passwords on a remote computer
TL;DR: In this article, a method for changing an account password stored at a physically remote location is provided, where a user submits both an old and a new password to its client machine, and the client computes two message values to be transmitted to the server.
Patent
Method for establishing user authentication with composite session keys among cryptographically communicating nodes
TL;DR: In this article, a dialogue involving authenticated encryption among the nodes is facilitated by creating a key for use in cryptographic conversion among the node participants in order to permit symmetric authentication, and the key is unique to the session.
Patent
System for controlling access to a secure system by verifying acceptability of proposed password by using hashing and group of unacceptable passwords
TL;DR: In this article, the acceptability of a password proposed by a user of a secure system is verified using a table of indicators, such that more than one password may be mapped to an indicator.
Patent
Systems, methods and computer program products that use an encrypted session for additional password verification
TL;DR: In this paper, the client verifies his clear password over an encrypted channel, rather than merely verifying the encrypted password, prior to receiving secure traffic, before sending secure traffic to the server.