AU2014237590B2 - Privacy preserving knowledge/factor possession tests for persistent authentication - Google Patents

Privacy preserving knowledge/factor possession tests for persistent authentication Download PDF

Info

Publication number
AU2014237590B2
AU2014237590B2 AU2014237590A AU2014237590A AU2014237590B2 AU 2014237590 B2 AU2014237590 B2 AU 2014237590B2 AU 2014237590 A AU2014237590 A AU 2014237590A AU 2014237590 A AU2014237590 A AU 2014237590A AU 2014237590 B2 AU2014237590 B2 AU 2014237590B2
Authority
AU
Australia
Prior art keywords
hash
authentication
authentication hash
hashes
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
AU2014237590A
Other languages
English (en)
Other versions
AU2014237590A1 (en
Inventor
Omer Berkman
Marcel M.M. Yung
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Google LLC
Original Assignee
Google LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Google LLC filed Critical Google LLC
Publication of AU2014237590A1 publication Critical patent/AU2014237590A1/en
Assigned to GOOGLE LLC reassignment GOOGLE LLC Amend patent request/document other than specification (104) Assignors: GOOGLE, INC.
Application granted granted Critical
Publication of AU2014237590B2 publication Critical patent/AU2014237590B2/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/40User authentication by quorum, i.e. whereby two or more security principals are required
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • User Interface Of Digital Computer (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
AU2014237590A 2013-03-15 2014-03-07 Privacy preserving knowledge/factor possession tests for persistent authentication Active AU2014237590B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/844,619 2013-03-15
US13/844,619 US8949960B2 (en) 2013-03-15 2013-03-15 Privacy preserving knowledge and factor possession tests for persistent authentication
PCT/US2014/022075 WO2014150064A1 (en) 2013-03-15 2014-03-07 Privacy preserving knowledge/factor possession tests for persistent authentication

Publications (2)

Publication Number Publication Date
AU2014237590A1 AU2014237590A1 (en) 2015-09-10
AU2014237590B2 true AU2014237590B2 (en) 2019-02-28

Family

ID=51535030

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2014237590A Active AU2014237590B2 (en) 2013-03-15 2014-03-07 Privacy preserving knowledge/factor possession tests for persistent authentication

Country Status (8)

Country Link
US (1) US8949960B2 (enExample)
EP (1) EP2973162B1 (enExample)
JP (2) JP6352381B2 (enExample)
KR (1) KR102257943B1 (enExample)
CN (1) CN105210071B (enExample)
AU (1) AU2014237590B2 (enExample)
BR (1) BR112015023183B1 (enExample)
WO (1) WO2014150064A1 (enExample)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3120493B1 (en) * 2014-03-16 2018-11-07 Haventec PTY LTD Persistent authentication system incorporating one time pass codes
CN105337928B (zh) * 2014-06-24 2019-09-13 阿里巴巴集团控股有限公司 用户身份识别方法、安全保护问题生成方法及装置
US20220014555A1 (en) 2015-10-28 2022-01-13 Qomplx, Inc. Distributed automated planning and execution platform for designing and running complex processes
US10742647B2 (en) * 2015-10-28 2020-08-11 Qomplx, Inc. Contextual and risk-based multi-factor authentication
US12224992B2 (en) 2015-10-28 2025-02-11 Qomplx Llc AI-driven defensive cybersecurity strategy analysis and recommendation system
US11570209B2 (en) 2015-10-28 2023-01-31 Qomplx, Inc. Detecting and mitigating attacks using forged authentication objects within a domain
CN107070871B (zh) * 2017-01-12 2020-04-24 阿里巴巴集团控股有限公司 一种身份验证的方法及装置
US20240146734A1 (en) * 2017-06-24 2024-05-02 Crowdstrike, Inc. Large language model-based authentication
EP3982591A4 (en) * 2019-06-05 2022-07-27 Sony Group Corporation Information processing device and information processing method
US20220239489A1 (en) * 2019-06-05 2022-07-28 Sony Group Corporation Identity verification program, identity verification method, user terminal, and user authentication program
CN111310234B (zh) * 2020-05-09 2020-11-03 支付宝(杭州)信息技术有限公司 基于零知识证明的个人数据处理方法、装置及电子设备
US12309132B1 (en) * 2024-07-12 2025-05-20 Cortwo Corp. Continuous universal trust architecture and method

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030163737A1 (en) * 2002-02-26 2003-08-28 James Roskind Simple secure login with multiple-authentication providers
US20060037073A1 (en) * 2004-07-30 2006-02-16 Rsa Security, Inc. PIN recovery in a smart card
US20060085647A1 (en) * 2000-03-24 2006-04-20 Neff C A Detecting compromised ballots
US20070124321A1 (en) * 2005-11-02 2007-05-31 Rsa Security Inc. Storing digital secrets in a vault
US20110191837A1 (en) * 2008-09-26 2011-08-04 Koninklijke Philips Electronics N.V. Authenticating a device and a user
US20130046993A1 (en) * 2007-01-22 2013-02-21 Spyrus, Inc. Portable Data Encryption Device with Configurable Security Functionality and Method for File Encryption

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6760752B1 (en) 1999-06-28 2004-07-06 Zix Corporation Secure transmission system
US7725730B2 (en) 2002-08-09 2010-05-25 Emc Corporation Cryptographic methods and apparatus for secure authentication
KR101020913B1 (ko) * 2003-07-28 2011-03-09 소니 주식회사 데이터 송신 장치, 데이터 사용 인정 방법, 데이터 수신 장치 및 방법, 및 기록 매체
US20070162961A1 (en) 2005-02-25 2007-07-12 Kelvin Tarrance Identification authentication methods and systems
JP4697583B2 (ja) 2005-03-02 2011-06-08 琢晃 伊藤 個人情報の漏洩を回避した個人認証システム
US7694138B2 (en) * 2005-10-21 2010-04-06 Avaya Inc. Secure authentication with voiced responses from a telecommunications terminal
US9166782B2 (en) 2006-04-25 2015-10-20 Stephen Laurence Boren Dynamic distributed key system and method for identity management, authentication servers, data security and preventing man-in-the-middle attacks
JP4917453B2 (ja) * 2007-02-22 2012-04-18 Kddi株式会社 閾値秘密分散装置、閾値秘密分散方法、秘密情報復元方法およびプログラム
CN101145911B (zh) 2007-10-30 2010-05-19 江汉大学 具有私密保护及口令找回功能的身份认证方法
US8156333B2 (en) * 2008-05-29 2012-04-10 Red Hat, Inc. Username based authentication security
US8527758B2 (en) * 2009-12-09 2013-09-03 Ebay Inc. Systems and methods for facilitating user identity verification over a network
US8842827B2 (en) * 2010-07-16 2014-09-23 Intryca, Inc. Mobile phone aided operations system and method
JP4820928B1 (ja) 2011-07-08 2011-11-24 株式会社野村総合研究所 認証システムおよび認証方法

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060085647A1 (en) * 2000-03-24 2006-04-20 Neff C A Detecting compromised ballots
US20030163737A1 (en) * 2002-02-26 2003-08-28 James Roskind Simple secure login with multiple-authentication providers
US20060037073A1 (en) * 2004-07-30 2006-02-16 Rsa Security, Inc. PIN recovery in a smart card
US20070124321A1 (en) * 2005-11-02 2007-05-31 Rsa Security Inc. Storing digital secrets in a vault
US20130046993A1 (en) * 2007-01-22 2013-02-21 Spyrus, Inc. Portable Data Encryption Device with Configurable Security Functionality and Method for File Encryption
US20110191837A1 (en) * 2008-09-26 2011-08-04 Koninklijke Philips Electronics N.V. Authenticating a device and a user

Also Published As

Publication number Publication date
US20140282942A1 (en) 2014-09-18
JP6352381B2 (ja) 2018-07-04
US8949960B2 (en) 2015-02-03
BR112015023183A8 (pt) 2018-01-02
JP2017073789A (ja) 2017-04-13
KR102257943B1 (ko) 2021-05-28
AU2014237590A1 (en) 2015-09-10
EP2973162B1 (en) 2018-06-06
WO2014150064A1 (en) 2014-09-25
CN105210071A (zh) 2015-12-30
CN105210071B (zh) 2018-06-01
BR112015023183B1 (pt) 2022-04-05
JP6494584B2 (ja) 2019-04-03
EP2973162A4 (en) 2016-09-07
KR20150132467A (ko) 2015-11-25
EP2973162A1 (en) 2016-01-20
BR112015023183A2 (pt) 2017-07-18
JP2016512931A (ja) 2016-05-09

Similar Documents

Publication Publication Date Title
AU2014237590B2 (en) Privacy preserving knowledge/factor possession tests for persistent authentication
US11233637B2 (en) System and method for validating an entity
US11271926B2 (en) System and method for temporary password management
US11057210B1 (en) Distribution and recovery of a user secret
US10735407B2 (en) System and method for temporary password management
US10868672B1 (en) Establishing and verifying identity using biometrics while protecting user privacy
US9740849B2 (en) Registration and authentication of computing devices using a digital skeleton key
US11388174B2 (en) System and method for securing a communication channel
US8112817B2 (en) User-centric authentication system and method
US20240121098A1 (en) Scalable Authentication System with Synthesized Signed Challenge
JP2008090547A (ja) ユーザ認証方法、ユーザ側認証装置、および、プログラム
US20210365539A1 (en) Visual Image Authentication
US11128453B2 (en) Visual image authentication
CN116318617B (zh) 基于rfid和区块链的医疗救援物资慈善捐助方法
JP6087480B1 (ja) 認証装置、認証システム及び認証プログラム
EP3909197A1 (en) Authentication system with reduced attack surface
Juels Fuzzy commitment
CN116781355A (zh) 数字身份的管理方法、装置、区块链平台及电子设备
Jubur On the security and usability of new paradigms of Web authentication
Maqbali Strengthening Password-Based Authentication
WO2025122333A1 (en) Scalable authentication system with synthesized signed challenge
WO2023073050A1 (en) Recovering access to a user account
WO2021028705A1 (en) Recovery of secret data in a distributed system
Shih et al. An Embedded TOP System for m-Commerce User Authentication

Legal Events

Date Code Title Description
HB Alteration of name in register

Owner name: GOOGLE LLC

Free format text: FORMER NAME(S): GOOGLE, INC.

FGA Letters patent sealed or granted (standard patent)