Method for providing security using secure computation

US9960919B2 · US · B2

Patent metadata

Publication number: US-9960919-B2
Application number: US-201414652454-A
Country: US
Kind code: B2
Filing date: Jan 8, 2014
Priority date: Jan 8, 2013
Publication date: May 1, 2018
Grant date: May 1, 2018

Abstract

Official abstract text for this publication.

A method of securing data, the method comprising: dividing a secret key into a plurality of secret key shares; storing each of the plurality of secret key shares in a different server of a plurality of servers so that none of the servers has access to the secret key and to the secret key share stored in another of the servers; using a server of the plurality of servers to execute a secure computation protocol to determine a value of a function responsive to all of the plurality of secret key shares without providing any of the plurality of servers with access to the secret key and to the secret key share stored in another of the servers; and using the calculated value of the function to secure the data.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method of authenticating a party for participation in an activity, the method comprising: dividing a first secret key into a plurality of secret key shares; storing each of the plurality of the first secret key shares in a different server of a plurality of servers so that none of the servers has access to the secret key share stored in another of the servers; transmitting a challenge to the party and requesting that the party encrypt the challenge using a second key; after the party encrypts the challenge using the second key, receiving the encrypted challenge from the party; executing at the plurality of servers a secure computation protocol to generate encryption of the challenge using the plurality of secret key shares without providing any of the plurality of servers with access to the first secret key and to the secret key share stored in another of the servers; comparing the encrypted challenge received from the party and the encrypted challenge generated by the plurality of servers to determine whether the second key is equal to the first key; and enabling the party to participate in the activity if and only if it was determined that the first and second keys are equal.

2. The method according to claim 1 wherein the activity comprises establishing a virtual private network communication channel.

3. The method according to claim 1 wherein the party comprises a communication device.

4. The method of securing data according to claim 1 wherein the first secret key comprises a key used in a Kerberos protocol and the challenge comprises an encryption of a ticket granting ticket (TGT) used by the secure computation protocol.

5. The method of securing data according to claim 1 wherein the first secret key comprises a key used in a Kerberos protocol and the challenge comprises an encryption of a service ticket (ST) used by the secure computation protocol.

6. The method of securing data according to claim 1 wherein the first secret key comprises a feature vector representing a biometric feature.
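The flow of claim 1, as an added example that is not taken from the patent: the key is split into additive shares, each server evaluates a keyed function of the challenge with its own share only, and the combined result is compared with the party's response. As an assumption, the patent's generic secure computation protocol and encryption are replaced here by modular exponentiation, chosen because its partial results combine by multiplication; the group, the function names and the parameters are illustrative and not sized for production.

```python
import hashlib
import hmac
import secrets

# Illustrative group (assumption): integers modulo the Mersenne prime 2^521 - 1.
P = 2**521 - 1
ORDER = P - 1  # exponents are shared additively modulo the group order

def split_key(key: int, n: int) -> list[int]:
    """Split key into n additive shares; any n-1 of them are uniformly random."""
    shares = [secrets.randbelow(ORDER) for _ in range(n - 1)]
    shares.append((key - sum(shares)) % ORDER)
    return shares

def hash_to_group(challenge: bytes) -> int:
    """Map the challenge to a group element in [2, P-1]."""
    digest = hashlib.sha512(challenge).digest()
    return int.from_bytes(digest, "big") % (P - 2) + 2

def respond(key_or_share: int, challenge: bytes) -> int:
    """Keyed function of the challenge. The party calls it with the whole key,
    each server calls it with its own share and never sees another share."""
    return pow(hash_to_group(challenge), key_or_share, P)

def combine(partials) -> int:
    """Multiply the servers' partial results: h^k1 * h^k2 * ... = h^(k1+k2+...)."""
    result = 1
    for value in partials:
        result = result * value % P
    return result

def authenticate(shares: list[int], challenge: bytes, party_response: int) -> bool:
    """Accept only if the party's response equals the jointly computed value.
    The combiner handles partial results, never the shares or the key."""
    if not 0 < party_response < P:
        return False
    expected = combine(respond(share, challenge) for share in shares)
    size = (P.bit_length() + 7) // 8
    return hmac.compare_digest(expected.to_bytes(size, "big"),
                               party_response.to_bytes(size, "big"))

if __name__ == "__main__":
    key = secrets.randbelow(ORDER)          # first secret key (constructed)
    shares = split_key(key, 3)              # one share per server
    challenge = secrets.token_bytes(32)     # fresh challenge for this attempt
    print(authenticate(shares, challenge, respond(key, challenge)))      # party holds the key
    print(authenticate(shares, challenge, respond(key + 1, challenge)))  # party holds another key
```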

Classifications

  • H04L9/3226 (Primary): using a predetermined code, e.g. password, passphrase or PIN (network architectures or network communication protocols for supporting authentication of entities using passwords in a packet data network H04L63/083)

  • using one-time-passwords

  • One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key

  • Secure multiparty computation, e.g. millionaire problem

  • using biometrical features, e.g. fingerprint, retina-scan (cryptographic mechanisms or cryptographic arrangements for entity authentication using biological data H04L9/3231)

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9960919B2 cover?
A method of securing data, the method comprising: dividing a secret key into a plurality of secret key shares; storing each of the plurality of secret key shares in a different server of a plurality of servers so that none of the servers has access to the secret key and to the secret key share stored in another of the servers; using a server of the plurality of servers to execute a secure compu…
Who is the assignee on this patent?
Univ Bar Ilan
What technology area does this patent fall under?
Primary CPC classification H04L9/3226. Mapped technology areas include Electricity.
When was this patent published?
Publication date May 1, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).